CSAGC-IDS: A Dual-Module Deep Learning Network Intrusion Detection Model for Complex and Imbalanced Data
- URL: http://arxiv.org/abs/2505.14027v1
- Date: Tue, 20 May 2025 07:27:51 GMT
- Title: CSAGC-IDS: A Dual-Module Deep Learning Network Intrusion Detection Model for Complex and Imbalanced Data
- Authors: Yifan Zeng,
- Abstract summary: This paper presents CSAGC-IDS, a network intrusion detection model based on deep learning techniques.<n> CSAGC-IDS integrates SC-CGAN, a self-attention-enhanced convolutional conditional generative adversarial network that generates high-quality data to class imbalance.<n> CSAGC-IDS achieves an accuracy of 84.55% and an F1-score of 84.52% in five-class classification task.
- Score: 0.43512163406552007
- License: http://creativecommons.org/licenses/by-nc-sa/4.0/
- Abstract: As computer networks proliferate, the gravity of network intrusions has escalated, emphasizing the criticality of network intrusion detection systems for safeguarding security. While deep learning models have exhibited promising results in intrusion detection, they face challenges in managing high-dimensional, complex traffic patterns and imbalanced data categories. This paper presents CSAGC-IDS, a network intrusion detection model based on deep learning techniques. CSAGC-IDS integrates SC-CGAN, a self-attention-enhanced convolutional conditional generative adversarial network that generates high-quality data to mitigate class imbalance. Furthermore, CSAGC-IDS integrates CSCA-CNN, a convolutional neural network enhanced through cost sensitive learning and channel attention mechanism, to extract features from complex traffic data for precise detection. Experiments conducted on the NSL-KDD dataset. CSAGC-IDS achieves an accuracy of 84.55% and an F1-score of 84.52% in five-class classification task, and an accuracy of 91.09% and an F1 score of 92.04% in binary classification task.Furthermore, this paper provides an interpretability analysis of the proposed model, using SHAP and LIME to explain the decision-making mechanisms of the model.
Related papers
- WeiDetect: Weibull Distribution-Based Defense against Poisoning Attacks in Federated Learning for Network Intrusion Detection Systems [23.03944479383518]
We propose WeiDetect, a two-phase, server-side defense mechanism for FL-based NIDS that detects malicious participants.<n>We conducted experiments to evaluate the effectiveness of our approach in diverse attack settings.<n>Our findings highlight that WeiDetect outperforms state-of-the-art defense approaches.
arXiv Detail & Related papers (2025-04-06T05:31:24Z) - Enhancing Internet of Things Security throughSelf-Supervised Graph Neural Networks [1.0678175996321808]
New types of attacks often have significantly fewer samples than more common attacks, leading to unbalanced datasets.<n>We suggest a new approach to IoT intrusion detection using Self-Supervised Learning (SSL) with a Markov Graph Convolutional Network (MarkovGCN)<n>Our approach leverages the inherent structure of IoT networks to pre-train a GCN, which is then fine-tuned for the intrusion detection task.
arXiv Detail & Related papers (2024-12-17T17:40:14Z) - FedMSE: Semi-supervised federated learning approach for IoT network intrusion detection [0.0]
The rise of IoT has expanded the cyber attack surface, making traditional centralized machine learning methods insufficient due to concerns about data availability, computational resources, transfer costs, and especially privacy preservation.<n>A semi-supervised federated learning model was developed to overcome these issues, combining the Shrink Autoencoder and Centroid one-class classifier (SAE-CEN)<n>This approach enhances the performance of intrusion detection by effectively representing normal network data and accurately identifying anomalies in the decentralized strategy.
arXiv Detail & Related papers (2024-10-18T02:23:57Z) - Lightweight CNN-BiLSTM based Intrusion Detection Systems for Resource-Constrained IoT Devices [38.16309790239142]
Intrusion Detection Systems (IDSs) have played a significant role in detecting and preventing cyber-attacks within traditional computing systems.
The limited computational resources available on Internet of Things (IoT) devices make it challenging to deploy conventional computing-based IDSs.
We propose a hybrid CNN architecture composed of a lightweight CNN and bidirectional LSTM (BiLSTM) to enhance the performance of IDS on the UNSW-NB15 dataset.
arXiv Detail & Related papers (2024-06-04T20:36:21Z) - Strengthening Network Intrusion Detection in IoT Environments with Self-Supervised Learning and Few Shot Learning [1.0678175996321808]
The Internet of Things (IoT) has been introduced as a breakthrough technology that integrates intelligence into everyday objects.
As the IoT networks grow and expand, they become more susceptible to cybersecurity attacks.
This paper introduces a novel intrusion detection approach designed to address these challenges.
arXiv Detail & Related papers (2024-06-04T06:30:22Z) - Machine learning-based network intrusion detection for big and
imbalanced data using oversampling, stacking feature embedding and feature
extraction [6.374540518226326]
Intrusion Detection Systems (IDS) play a critical role in protecting interconnected networks by detecting malicious actors and activities.
This paper introduces a novel ML-based network intrusion detection model that uses Random Oversampling (RO) to address data imbalance and Stacking Feature Embedding (PCA) for dimension reduction.
Using the CIC-IDS 2017 dataset, DT, RF, and ET models reach 99.99% accuracy, while DT and RF models obtain 99.94% accuracy on CIC-IDS 2018 dataset.
arXiv Detail & Related papers (2024-01-22T05:49:41Z) - Effective Intrusion Detection in Highly Imbalanced IoT Networks with
Lightweight S2CGAN-IDS [48.353590166168686]
Internet of Things (IoT) networks contain benign traffic far more than abnormal traffic, with some rare attacks.
Most existing studies have been focused on sacrificing the detection rate of the majority class in order to improve the detection rate of the minority class.
We propose a lightweight framework named S2CGAN-IDS to expand the number of minority categories in both data space and feature space.
arXiv Detail & Related papers (2023-06-06T14:19:23Z) - A Dependable Hybrid Machine Learning Model for Network Intrusion
Detection [1.222622290392729]
We propose a new hybrid model that combines machine learning and deep learning to increase detection rates while securing dependability.
Our method produces excellent results when tested on two datasets, KDDCUP'99 and CIC-MalMem-2022.
arXiv Detail & Related papers (2022-12-08T20:19:27Z) - Robust Self-Ensembling Network for Hyperspectral Image Classification [38.84831094095329]
We propose a robust self-ensembling network (RSEN) to address this problem.
The proposed RSEN consists of twoworks including a base network and an ensemble network.
We show that the proposed algorithm can yield competitive performance compared with the state-of-the-art methods.
arXiv Detail & Related papers (2021-04-08T13:33:14Z) - Anomaly Detection on Attributed Networks via Contrastive Self-Supervised
Learning [50.24174211654775]
We present a novel contrastive self-supervised learning framework for anomaly detection on attributed networks.
Our framework fully exploits the local information from network data by sampling a novel type of contrastive instance pair.
A graph neural network-based contrastive learning model is proposed to learn informative embedding from high-dimensional attributes and local structure.
arXiv Detail & Related papers (2021-02-27T03:17:20Z) - Deep Fusion Clustering Network [38.540761683389135]
We propose a Deep Fusion Clustering Network (DFCN) for deep clustering.
In our network, an interdependency learning-based Structure and Attribute Information Fusion (SAIF) module is proposed to explicitly merge the representations learned by an autoencoder and a graph autoencoder.
Experiments on six benchmark datasets have demonstrated that the proposed DFCN consistently outperforms the state-of-the-art deep clustering methods.
arXiv Detail & Related papers (2020-12-15T09:37:59Z) - Learning with Knowledge of Structure: A Neural Network-Based Approach
for MIMO-OFDM Detection [33.46816493359834]
Building on a reservoir computing (RC)-based approach towards symbol detection, we introduce a symmetric and decomposed binary decision neural network.
We show that the introduced symmetric neural network can decompose the original $M$-ary detection problem into a series of binary classification tasks.
Numerical evaluations demonstrate that the introduced hybrid RC-binary decision detection framework performs close to maximum likelihood model-based symbol detection methods.
arXiv Detail & Related papers (2020-12-01T18:16:19Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.