Related papers: A Robust Cross-Domain IDS using BiGRU-LSTM-Attention for Medical and Industrial IoT Security

A Robust Cross-Domain IDS using BiGRU-LSTM-Attention for Medical and Industrial IoT Security

URL: http://arxiv.org/abs/2508.12470v1
Date: Sun, 17 Aug 2025 18:50:23 GMT
Title: A Robust Cross-Domain IDS using BiGRU-LSTM-Attention for Medical and Industrial IoT Security
Authors: Afrah Gueriani, Hamza Kheddar, Ahmed Cherif Mazari, Mohamed Chahine Ghanem,
Abstract summary: This paper introduces a novel transformer-based intrusion detection system IDS, termed BiGAT-ID.<n>BiGAT-ID is a hybrid model that combines bidirectional recurrent gated units BiGRU, long short-term memory LSTM networks, and multi-head attention MHA.<n>The model exhibits exceptional runtime efficiency, with inference times as low as 0.0002 seconds per instance in IoMT and 0.0001 seconds in IIoT scenarios.
Score: 0.21427777919040417
License: http://creativecommons.org/licenses/by/4.0/
Abstract: The increased Internet of Medical Things IoMT and the Industrial Internet of Things IIoT interconnectivity has introduced complex cybersecurity challenges, exposing sensitive data, patient safety, and industrial operations to advanced cyber threats. To mitigate these risks, this paper introduces a novel transformer-based intrusion detection system IDS, termed BiGAT-ID a hybrid model that combines bidirectional gated recurrent units BiGRU, long short-term memory LSTM networks, and multi-head attention MHA. The proposed architecture is designed to effectively capture bidirectional temporal dependencies, model sequential patterns, and enhance contextual feature representation. Extensive experiments on two benchmark datasets, CICIoMT2024 medical IoT and EdgeIIoTset industrial IoT demonstrate the model's cross-domain robustness, achieving detection accuracies of 99.13 percent and 99.34 percent, respectively. Additionally, the model exhibits exceptional runtime efficiency, with inference times as low as 0.0002 seconds per instance in IoMT and 0.0001 seconds in IIoT scenarios. Coupled with a low false positive rate, BiGAT-ID proves to be a reliable and efficient IDS for deployment in real-world heterogeneous IoT environments

Related papers

Multi-Agent Collaborative Intrusion Detection for Low-Altitude Economy IoT: An LLM-Enhanced Agentic AI Framework [60.72591149679355]
The rapid expansion of low-altitude economy Internet of Things (LAE-IoT) networks has created unprecedented security challenges.<n>Traditional intrusion detection systems fail to tackle the unique characteristics of aerial IoT environments.<n>We introduce a large language model (LLM)-enabled agentic AI framework for enhancing intrusion detection in LAE-IoT networks.
arXiv Detail & Related papers (2026-01-25T12:47:25Z)
Decentralized Multi-Agent Swarms for Autonomous Grid Security in Industrial IoT: A Consensus-based Approach [0.0]
DMAS agents communicate via a lightweight peer-to-peer protocol to cooperatively detect anomalous behavior.<n>Agents vote on the threat level of an identified threat, enabling instant quarantine of a compromised node or nodes.<n> DMAS demonstrated sub-millisecond response times, 97.3% accuracy in detecting malicious activity under high load, and 87% accuracy in detecting zero-day attacks.
arXiv Detail & Related papers (2026-01-24T04:25:36Z)
LSM-2: Learning from Incomplete Wearable Sensor Data [65.58595667477505]
This paper introduces the second generation of Large Sensor Model (LSM-2) with Adaptive and Inherited Masking (AIM)<n>AIM learns robust representations directly from incomplete data without requiring explicit imputation.<n>Our LSM-2 with AIM achieves the best performance across a diverse range of tasks, including classification, regression and generative modeling.
arXiv Detail & Related papers (2025-06-05T17:57:11Z)
Hybrid Machine Learning Models for Intrusion Detection in IoT: Leveraging a Real-World IoT Dataset [0.0]
Intrusion Detection Systems (IDS) are crucial for mitigating these threats.<n>Recent advancements in Machine Learning (ML) offer promising avenues for improvement.<n>This research explores a hybrid approach, combining several standalone ML models.
arXiv Detail & Related papers (2025-02-17T23:41:10Z)
A Conditional Tabular GAN-Enhanced Intrusion Detection System for Rare Attacks in IoT Networks [1.1970409518725493]
Internet of things (IoT) networks, boosted by 6G technology, are transforming various industries.<n>Their widespread adoption introduces significant security risks, particularly in detecting rare but potentially damaging cyber-attacks.<n>Traditional IDS often struggle with detecting rare attacks due to severe class imbalances in IoT data.
arXiv Detail & Related papers (2025-02-09T21:13:11Z)
MDHP-Net: Detecting an Emerging Time-exciting Threat in IVN [42.74889568823579]
We identify a new time-exciting threat model against in-vehicle network (IVN)<n>These attacks inject malicious messages that exhibit a time-exciting effect, gradually manipulating network traffic to disrupt vehicle operations and compromise safety-critical functions.<n>To detect time-exciting threat, we introduce MDHP-Net, leveraging Multi-Dimentional Hawkes Process (MDHP) and temporal and message-wise feature extracting structures.
arXiv Detail & Related papers (2024-11-15T15:05:01Z)
Efficient Intrusion Detection: Combining $χ^2$ Feature Selection with CNN-BiLSTM on the UNSW-NB15 Dataset [2.239394800147746]
Intrusion Detection Systems (IDSs) have played a significant role in the detection and prevention of cyber-attacks in traditional computing systems. The limited computational resources available on Internet of Things (IoT) devices pose a challenge for deploying conventional computing-based IDSs. We present an effective IDS model that addresses this issue by combining a lightweight Convolutional Neural Network (CNN) with bidirectional Long Short-Term Memory (BiLSTM)
arXiv Detail & Related papers (2024-07-20T17:41:16Z)
Lightweight CNN-BiLSTM based Intrusion Detection Systems for Resource-Constrained IoT Devices [38.16309790239142]
Intrusion Detection Systems (IDSs) have played a significant role in detecting and preventing cyber-attacks within traditional computing systems. The limited computational resources available on Internet of Things (IoT) devices make it challenging to deploy conventional computing-based IDSs. We propose a hybrid CNN architecture composed of a lightweight CNN and bidirectional LSTM (BiLSTM) to enhance the performance of IDS on the UNSW-NB15 dataset.
arXiv Detail & Related papers (2024-06-04T20:36:21Z)
Enhancing IoT Security with CNN and LSTM-Based Intrusion Detection Systems [0.23408308015481666]
Our proposed model consists on a combination of convolutional neural network (CNN) and long short-term memory (LSTM) deep learning (DL) models. This fusion facilitates the detection and classification of IoT traffic into binary categories, benign and malicious activities. Our proposed model achieves an accuracy rate of 98.42%, accompanied by a minimal loss of 0.0275.
arXiv Detail & Related papers (2024-05-28T22:12:15Z)
Effective Intrusion Detection in Heterogeneous Internet-of-Things Networks via Ensemble Knowledge Distillation-based Federated Learning [52.6706505729803]
We introduce Federated Learning (FL) to collaboratively train a decentralized shared model of Intrusion Detection Systems (IDS) FLEKD enables a more flexible aggregation method than conventional model fusion techniques. Experiment results show that the proposed approach outperforms local training and traditional FL in terms of both speed and performance.
arXiv Detail & Related papers (2024-01-22T14:16:37Z)
Constrained Twin Variational Auto-Encoder for Intrusion Detection in IoT Systems [30.16714420093091]
Intrusion detection systems (IDSs) play a critical role in protecting billions of IoT devices from malicious attacks. This article proposes a novel deep neural network/architecture called Constrained Twin Variational Auto-Encoder (CTVAE) CTVAE can boost around 1% in terms of accuracy and Fscore in detection attack compared to the state-of-the-art machine learning and representation learning methods.
arXiv Detail & Related papers (2023-12-05T04:42:04Z)
TinyAD: Memory-efficient anomaly detection for time series data in Industrial IoT [43.207210990362825]
We propose a novel framework named Tiny Anomaly Detection (TinyAD) to efficiently facilitate onboard inference of CNNs for real-time anomaly detection. To reduce the peak memory consumption of CNNs, we explore two complementary strategies, in-place, and patch-by-patch memory rescheduling. Our framework can reduce peak memory consumption by 2-5x with negligible overhead.
arXiv Detail & Related papers (2023-03-07T02:56:15Z)
Adaptive Anomaly Detection for Internet of Things in Hierarchical Edge Computing: A Contextual-Bandit Approach [81.5261621619557]
We propose an adaptive anomaly detection scheme with hierarchical edge computing (HEC) We first construct multiple anomaly detection DNN models with increasing complexity, and associate each of them to a corresponding HEC layer. Then, we design an adaptive model selection scheme that is formulated as a contextual-bandit problem and solved by using a reinforcement learning policy network.
arXiv Detail & Related papers (2021-08-09T08:45:47Z)
EEG-Inception: An Accurate and Robust End-to-End Neural Network for EEG-based Motor Imagery Classification [123.93460670568554]
This paper proposes a novel convolutional neural network (CNN) architecture for accurate and robust EEG-based motor imagery (MI) classification. The proposed CNN model, namely EEG-Inception, is built on the backbone of the Inception-Time network. The proposed network is an end-to-end classification, as it takes the raw EEG signals as the input and does not require complex EEG signal-preprocessing.
arXiv Detail & Related papers (2021-01-24T19:03:10Z)
Adaptive Anomaly Detection for IoT Data in Hierarchical Edge Computing [71.86955275376604]
We propose an adaptive anomaly detection approach for hierarchical edge computing (HEC) systems to solve this problem. We design an adaptive scheme to select one of the models based on the contextual information extracted from input data, to perform anomaly detection. We evaluate our proposed approach using a real IoT dataset, and demonstrate that it reduces detection delay by 84% while maintaining almost the same accuracy as compared to offloading detection tasks to the cloud.
arXiv Detail & Related papers (2020-01-10T05:29:17Z)

This list is automatically generated from the titles and abstracts of the papers in this site.