Adaptive Cyber Defense Through Deep Learning Technologies

Main Article Content

Smitha G V, Samitha Khaiyum, Gagan K H, Pallavi S, Omkar M Maradi, NishantH N V

Abstract





Introduction: The rapid adoption of cloud has led to a rise in cyber-attacks, increasing from 32 million in 2018 to 112 million in 2022, with a further 41% surge in early 2023. Traditional Intrusion Detection Systems (IDS) struggle with the complexity of cloud network threats due to the vast amount of network traffic and evolving attack types. Feature extraction is crucial for improving IDS accuracy, and Autoencoder (AE)-based deep learning methods offer a promising solution. This study explores the impact of AE feature learning on IDS performance, utilizing various autoencoder models like Variational, Sparse, Relational, and Denoising AEs. The system employs the NSL-KDD dataset and evaluates classifiers such as SVM, Random Forest, KNN, Gradient Boosting, and Logistic Regression to determine the most accurate model for detecting IoT threats.


 Several studies highlight the importance of autonomous feature extraction in IDS to handle increasing cyber threats. Kunang Y N et al. achieved 86.96% accuracy using an Autoencoder and SVM on NSL-KDD, while Kushwaha P et al. improved attack detection through feature selection on KDD-CUP 99. Meng Q et al. introduced Relation Autoencoder for robust high-dimensional feature extraction, and Chae H S et al. optimized feature selection, reaching 99.794% accuracy with a decision tree. Yousefi-Azar M et al. proposed an AE-based dimensionality reduction method for efficient security. This paper advances previous work by comparing six machine-learning models on the latest NSL-KDD dataset.


 The proposed model uses an autoencoder for feature extraction, improving network attack detection. The NSL-KDD dataset is split 80:20 for training and testing, with MinMaxScaler and one-hot encoding for preprocessing. A sparse autoencoder with dropout and regularization extracts key features while reducing data size. Six classifiers—K-NN, RF, GB, LR, DT, and SVM—analyze these features, each optimized to enhance accuracy and minimize overfitting. Performance metrics determine the best cyberattack detection method.


 The proposed model uses an autoencoder-based deep learning approach for feature extraction, trained on the NSL_KDD dataset with normal traffic to address class imbalance. Data preprocessing includes MinMaxScaler and one-hot encoding, followed by feature extraction using a sparse autoencoder with dropout and regularization. Six classifiers (K-NN, RF, GB, SVM, DT, and LR) are evaluated, with K-NN achieving the highest accuracy of 99.28%. Performance metrics confirm the model's effectiveness in detecting network attacks.


The proposed system demonstrated that automatic feature extraction using an autoencoder significantly improves intrusion detection. By eliminating hand-crafted feature extraction and utilizing six ML classifiers, the system effectively classified cyberattacks from the NSL-KDD dataset. K-NN achieved the highest accuracy (99.28%), with RF also performing well. Performance metrics confirmed the model’s effectiveness in enhancing network security. However, limitations include the use of an older dataset and limited experimentation. Future work will focus on larger datasets, improved speed, and AI-driven intrusion detection for cloud security.





Article Details

Section
Articles