AI-Augmented Threat Detection: A Deep Learning Approach to Real-Time Intrusion Detection Systems (IDS)
Keywords:
Deep Learning, Intrusion Detection Systems, Cybersecurity, Real-Time Threat Detection, Neural Networks, AI-Augmented Security
Abstract
The increasing scale and complexity of cyber attacks have outpaced traditional Intrusion Detection Systems (IDS), which cannot keep track of new and developing attack modes in real time. To address these limitations, this work proposes a deep learning framework for AI-facilitated threat detection in network environments. The aim is to enhance the effectiveness of real-time IDS using a hybrid approach that combines Convolutional Neural Networks (CNN) with Long Short-Term Memory (LSTM) networks. The CNN detects spatial characteristics in traffic flows and the LSTM detects temporal activity, so that advanced cyberattacks are classified accurately. The proposed model is trained and tested on two benchmark datasets, CICIDS2017 and NSL-KDD, under strict preprocessing and feature selection. It is evaluated quantitatively using common metrics: Accuracy, Precision, Recall, F1-score, and AUC-ROC. The model achieves 99.1% accuracy on the CICIDS2017 dataset and 98.7% accuracy on the NSL-KDD dataset, and outperforms baseline deep learning and machine learning models. This work demonstrates that the combination of spatial and temporal analysis significantly improves detection with low false positives and inference latency. The proposed model provides a scalable, intelligent, and real-time threat detection approach suitable for application in modern cybersecurity systems.
License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
IJISAE open access articles are licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. Under this license, users must give appropriate credit, provide a link to the license, and indicate if changes were made; if they remix, transform, or build upon the material, they must distribute their contributions under the same license as the original.


