A transformer-BiGRU-based framework with data augmentation and confident learning for network intrusion detection

• URL: http://arxiv.org/abs/2509.04925v1
• Date: Fri, 05 Sep 2025 08:42:20 GMT
• Title: A transformer-BiGRU-based framework with data augmentation and confident learning for network intrusion detection
• Authors: Jiale Zhang, Pengfei He, Fei Li, Kewei Li, Yan Wang, Lan Huang, Ruochi Zhang, Fengfeng Zhou,
• Abstract summary: This study has developed TrailGate, a novel framework that combines machine learning and deep learning techniques.<n>This algorithmic fusion excels at detecting common and well-understood attack types and has the unique ability to swiftly identify and neutralize emerging threats.
• Score: 16.480258011281844
• License: http://creativecommons.org/licenses/by-sa/4.0/
• Abstract: In today's fast-paced digital communication, the surge in network traffic data and frequency demands robust and precise network intrusion solutions. Conventional machine learning methods struggle to grapple with complex patterns within the vast network intrusion datasets, which suffer from data scarcity and class imbalance. As a result, we have integrated machine learning and deep learning techniques within the network intrusion detection system to bridge this gap. This study has developed TrailGate, a novel framework that combines machine learning and deep learning techniques. By integrating Transformer and Bidirectional Gated Recurrent Unit (BiGRU) architectures with advanced feature selection strategies and supplemented by data augmentation techniques, TrailGate can identifies common attack types and excels at detecting and mitigating emerging threats. This algorithmic fusion excels at detecting common and well-understood attack types and has the unique ability to swiftly identify and neutralize emerging threats that stem from existing paradigms.

Related papers

• One-Class Intrusion Detection with Dynamic Graphs [46.453758431767724]
  Machine learning-based intrusion detection constitutes a promising approach for improving security.<n>We propose a novel intrusion detection method, TGN-SVDD, which builds upon modern dynamic graph modelling and deep anomaly detection.<n>We demonstrate its superiority over several baselines for realistic intrusion detection data and suggest a more challenging variant of the latter.
  arXiv  Detail & Related papers  (2025-08-18T12:36:55Z)
• Exploiting Edge Features for Transferable Adversarial Attacks in Distributed Machine Learning [54.26807397329468]
  This work explores a previously overlooked vulnerability in distributed deep learning systems.<n>An adversary who intercepts the intermediate features transmitted between them can still pose a serious threat.<n>We propose an exploitation strategy specifically designed for distributed settings.
  arXiv  Detail & Related papers  (2025-07-09T20:09:00Z)
• Vision Transformer with Adversarial Indicator Token against Adversarial Attacks in Radio Signal Classifications [33.246218531386326]
  We propose a novel vision transformer (ViT) architecture by introducing a new concept known as adversarial indicator (AdvI) token to detect adversarial attacks.<n>We show the proposed AdvI token acts as a crucial element within the ViT, influencing attention weights and thereby highlighting regions or features in the input data that are potentially suspicious or anomalous.
  arXiv  Detail & Related papers  (2025-06-13T15:21:54Z)
• AI/ML Based Detection and Categorization of Covert Communication in IPv6 Network [0.8130739369606821]
  IPv6 extension headers allow attackers to create covert channels or bypass security mechanisms, leading to potential data breaches or system compromises.<n>The complexity of detecting covert communication, evolving injection techniques, and scarcity of data make building machine-learning models challenging.<n>This study uses comprehensive machine learning techniques to train the model proposed in this study to detect threats.
  arXiv  Detail & Related papers  (2025-01-18T02:05:37Z)
• Preliminary study on artificial intelligence methods for cybersecurity threat detection in computer networks based on raw data packets [34.82692226532414]
  In this paper, we investigate deep learning methodologies capable of detecting attacks in real-time directly from raw packet data within network traffic. We propose a novel approach where packets are stacked into windows and separately recognised, with a 2D image representation suitable for processing with computer vision models.
  arXiv  Detail & Related papers  (2024-07-24T15:04:00Z)
• Few-shot Weakly-supervised Cybersecurity Anomaly Detection [1.179179628317559]
  We propose an enhancement to an existing few-shot weakly-supervised deep learning anomaly detection framework. This framework incorporates data augmentation, representation learning and ordinal regression. We then evaluated and showed the performance of our implemented framework on three benchmark datasets.
  arXiv  Detail & Related papers  (2023-04-15T04:37:54Z)
• GowFed -- A novel Federated Network Intrusion Detection System [0.15469452301122172]
  This work presents GowFed, a novel network threat detection system that combines the usage of Gower Dissimilarity matrices and Federated averaging. Different approaches of GowFed have been developed based on state-of the-art knowledge: (1) a vanilla version; and (2) a version instrumented with an attention mechanism. Overall, GowFed intends to be the first stepping stone towards the combined usage of Federated Learning and Gower Dissimilarity matrices to detect network threats in industrial-level networks.
  arXiv  Detail & Related papers  (2022-10-28T23:53:37Z)
• An Online Ensemble Learning Model for Detecting Attacks in Wireless Sensor Networks [0.0]
  We develop an intelligent, efficient, and updatable intrusion detection system by applying an important machine learning concept known as ensemble learning. In this paper, we examine the application of different homogeneous and heterogeneous online ensembles in sensory data analysis. Among the proposed novel online ensembles, both the heterogeneous ensemble consisting of an Adaptive Random Forest (ARF) combined with the Hoeffding Adaptive Tree (HAT) algorithm and the homogeneous ensemble HAT made up of 10 models achieved higher detection rates of 96.84% and 97.2%, respectively.
  arXiv  Detail & Related papers  (2022-04-28T23:10:47Z)
• Learning to Detect: A Data-driven Approach for Network Intrusion Detection [17.288512506016612]
  We perform a comprehensive study on NSL-KDD, a network traffic dataset, by visualizing patterns and employing different learning-based models to detect cyber attacks. Unlike previous shallow learning and deep learning models that use the single learning model approach for intrusion detection, we adopt a hierarchy strategy. We demonstrate the advantage of the unsupervised representation learning model in binary intrusion detection tasks.
  arXiv  Detail & Related papers  (2021-08-18T21:19:26Z)
• A Compressive Sensing Approach for Federated Learning over Massive MIMO Communication Systems [82.2513703281725]
  Federated learning is a privacy-preserving approach to train a global model at a central server by collaborating with wireless devices. We present a compressive sensing approach for federated learning over massive multiple-input multiple-output communication systems.
  arXiv  Detail & Related papers  (2020-03-18T05:56:27Z)
• Security of Distributed Machine Learning: A Game-Theoretic Approach to Design Secure DSVM [31.480769801354413]
  This work aims to develop secure distributed algorithms to protect the learning from data poisoning and network attacks. We establish a game-theoretic framework to capture the conflicting goals of a learner who uses distributed support vector machines (SVMs) and an attacker who is capable of modifying training data and labels. The numerical results show that distributed SVM is prone to fail in different types of attacks, and their impact has a strong dependence on the network structure and attack capabilities.
  arXiv  Detail & Related papers  (2020-03-08T18:54:17Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.