By
presenting
an
improved
Intrusion
Detection
System
(IDS)
that
combines
deep
learning
with
support
vector
machines
(SVM),
this
research
increases
network
security.
The
main
goal
is
to
increase
the
accuracy
of
SVM
detection
by
using
a
methodical
feature
selection
and
optimization
technique
tailored
complexity
intrusions.
35
out
42
features
were
chosen
for
RFECV,
algorithmic
in
machine
learning.
To
ensure
preserved
are
those
contribute
most
model's
predictive
capacity
redundant
deleted,
techniques
such
as
RFECV
priority
ranking
ExtraTreesClassifier
take
performance
into
account
during
process.
improve
classifier
performance,
strategies
hyperparameter
tuning
used,
focusing
on
important
data
cutting
down
redundancies.
several
kernel
functions,
including
linear,
polynomial,
RBF,
sigmoid,
compared
study.
Linear
model
combined
was
shown
perform
best.
Our
outperforms
current
IDS
frameworks,
demonstrated
comparative
analysis,
confirming
efficacy
integrating
SVMs
real-time
threat
detection.
KDD
Cup
99
dataset,
which
has
been
widely
used
benchmark
assessing
different
models,
work.
It
offers
consistent,
varied,
large
dataset
so
researchers
may
evaluate
contrast
their
methods.
Researchers
can
experiment
reduction
enhance
because
dataset's
broad
set
features.
Algorithms,
Год журнала:
2025,
Номер
18(2), С. 69 - 69
Опубликована: Янв. 28, 2025
As
security
threats
become
more
complex,
the
need
for
effective
intrusion
detection
systems
(IDSs)
has
grown.
Traditional
machine
learning
methods
are
limited
by
extensive
feature
engineering
and
data
preprocessing.
To
overcome
this,
we
propose
two
enhanced
hybrid
deep
models,
an
autoencoder–convolutional
neural
network
(Autoencoder–CNN)
a
transformer–deep
(Transformer–DNN).
The
Autoencoder
reshapes
traffic
data,
addressing
class
imbalance,
CNN
performs
precise
classification.
transformer
component
extracts
contextual
features,
which
DNN
uses
accurate
Our
approach
utilizes
adaptive
synthetic
sampling–synthetic
minority
oversampling
technique
(ADASYN-SMOTE)
binary
classification
SMOTE
multi-class
classification,
along
with
edited
nearest
neighbors
(ENN)
further
imbalance
handling.
models
were
designed
to
minimize
false
positives
negatives,
improve
real-time
detection,
identify
zero-day
attacks.
Evaluations
based
on
CICIDS2017
dataset
showed
99.90%
accuracy
Autoencoder–CNN
99.92%
Transformer–DNN
in
99.95%
99.96%
respectively.
On
NF-BoT-IoT-v2
dataset,
achieved
99.98%
97.95%
while
reached
97.90%,
These
results
demonstrate
superior
performance
of
proposed
compared
traditional
handling
diverse
Electronics,
Год журнала:
2024,
Номер
13(12), С. 2404 - 2404
Опубликована: Июнь 19, 2024
As
network
sizes
grow,
attack
schemes
not
only
become
more
varied
but
also
increase
in
complexity.
This
diversification
leads
to
a
proliferation
of
variants,
complicating
the
identification
and
differentiation
potential
threats.
Enhancing
system
security
necessitates
implementation
multi-class
intrusion
detection
systems.
approach
enables
categorization
incoming
traffic
into
distinct
types
illustrates
specific
encountered
within
Internet.
Numerous
studies
have
leveraged
deep
learning
(DL)
for
Network-based
Intrusion
Detection
Systems
(NIDS),
aiming
improve
detection.
Among
these
DL
algorithms,
Graph
Neural
Networks
(GNN)
stand
out
their
ability
efficiently
process
unstructured
data,
especially
traffic,
making
them
particularly
suitable
NIDS
applications.
Although
usually
monitors
outgoing
flows
network,
represented
as
edge
features
graph
format,
traditional
GNN
consider
node
features,
overlooking
features.
oversight
can
result
losing
important
flow
data
diminish
system’s
detect
attacks
effectively.
To
address
this
limitation,
our
research
makes
several
key
contributions:
(1)
Emphasize
significance
enhancing
detection,
(2)
Utilize
port
information,
which
is
essential
identifying
often
overlooked
during
training,
(3)
Reorganize
embedded
graph.
By
doing
this,
represent
close
actual
showing
endpoint
information
such
IP
addresses
ports;
contains
related
Duration,
Number
Packet/s,
Length…;
(4)
Compared
methods,
experiments
demonstrate
significant
performance
improvements
on
both
CIC-IDS-2017
(98.32%)
UNSW-NB15
(96.71%)
datasets.
Research Square (Research Square),
Год журнала:
2025,
Номер
unknown
Опубликована: Апрель 10, 2025
Abstract
The
integrity
of
network
infrastructure
against
malicious
exploit
attacks
relies
mostly
on
Intrusion
Detection
Systems
(IDS).
These
techniques
are
very
essential
for
identifying
and
lowering
threats
before
they
start
to
cause
significant
damage.
This
manuscript
evaluates
three
advanced
Machine
Learning
(ML)
models
CatBoost,
XGBoost,
Long
Short-Term
Memory
(LSTM)
a
real-world
traffic
dataset
determine
their
suitability
IDS
applications.
Every
model
is
evaluated
using
key
metrics:
accuracy,
precision,
recall,
F1-score,
error
measures
including
Root
Mean
Squared
Error
(RMSE)
(MSE).
Based
the
results,
Catboost
exceeds
other
with
98.55%
accuracy
lowest
rates.
Given
CatBoost's
remarkable
performance,
it
fitting
real-time
systems
where
reducing
false
positives
negatives
extremely
crucial.
XGBoost
provides
balanced
computationally
affordable
solution
even
if
significantly
less
accurate;
ideal
scenarios
requiring
fast
responses
limited
resources.
Strong
in
sequential
pattern
recognition,
LSTM
has
higher
rate
positives,
suggesting
that
further
tuning
needed
improve
its
overall
reliability
surroundings.
possibility
enhancing
performance
gradient
boosting
such
as
CatBoost
cybersecurity
underlined
this
study.
Transactions on Emerging Telecommunications Technologies,
Год журнала:
2025,
Номер
36(4)
Опубликована: Апрель 1, 2025
ABSTRACT
The
increase
in
Distributed
Denial
of
Service
(DDoS)
attacks
poses
a
considerable
threat
to
the
security
and
stability
current
network,
especially
Internet
Things
(IoT)
cloud
environments.
Traditional
detection
methods
often
struggle
with
inability
achieve
balance
between
accuracy
computational
efficiency.
In
this
manuscript,
Classification
Multiclass
DDOS
Attack
Detection
using
Bayesian
Weighted
Random
Forest
Optimized
Gazelle
Optimization
Algorithm
(DDOS‐AD‐BWRF‐GOA)
is
proposed.
First,
raw
data
gathered
from
CICDDoS2019
dataset.
Then,
input
are
preprocessed
utilizing
Adaptive
Bitonic
Filtering
for
normalizing
values.
fed
Improved
Feed
Forward
Long
Short‐Term
Memory
technique
selecting
features
that
model's
execution
time.
selected
supplied
(BWRF),
which
classifies
multiclass
attack.
general,
does
not
adopt
any
optimization
define
optimal
parameters
guarantee
exact
identification.
Hence,
GOA
proposed
optimize
classifier.
method
implemented
MATLAB.
performance
metrics,
such
as
Accuracy,
Precision,
Recall,
F
1‐score,
Specificity,
Error
rate,
Computational
time
evaluated.
attains
15.34%,
24.1%,
18.9%
higher
12.4%,
18.24%,
22.6%
precision
when
analyzed
existing
techniques:
Hybrid
deep
learning
classification
(HDL‐DDOS‐DC),
Edge‐HetIoT
Defense
against
DDoS
attack
techniques
(EHD‐DDOS‐LT),
Digital
twin‐enabled
intelligent
autonomous
core
networks
(DTI‐DDOS‐ACN),
respectively.
