Machine learning has brought significant advances in cybersecurity, particularly in the area of intrusion detection systems. These improvements can be mostly attributed to the ability of machine learning algorithms to identify complex relations between features in the data and to generalize well to unseen samples. Deep neural networks in particular contributed to this progress by enabling the analysis of large amounts of training data, significantly enhancing detection performance. However, machine learning models are vulnerable to adversarial attacks: manipulations of input data designed to mislead the models into making incorrect predictions. While much attention has been given to adversarial threats in unstructured data such as text and images, their effectiveness in structured data such as network traffic has not been as thoroughly explored. This survey seeks to fill this gap by providing a critical review of machine learning-based Network Intrusion Detection Systems (NIDS) and a thorough analysis of their vulnerability to adversarial attacks. We critically review existing NIDS research, highlighting key trends, strengths, and limitations, and we identify gaps in understanding that require further exploration. We further discuss emerging challenges and offer insights for developing more robust and resilient NIDS models. In summary, this paper aims to enhance understanding of adversarial attacks and defenses in NIDS and guide future research in improving the robustness of machine learning models in cybersecurity applications.