Статья

Signature-based intrusion detection using machine learning and deep learning approaches empowered with fuzzy clustering

Usama AhmedDepartment of Artificial Intelligence, School of Systems and Technology, University of Management and Technology, Lahore, 54700, PakistanMohammad NazirDepartment of Computer Science and Information Technology, The Islamia University of Bahawalpur, Bahawalpur, PakistanAmna SarwarDepartment of Computer Science, University of Wah, Wah Cantt, PakistanTariq AliArtificial Intelligence and Sensing Technologies (AIST) Research Center, University of Tabuk, Tabuk, 71491, Saudi Arabia. [email protected]El‐Hadi M. AggouneArtificial Intelligence and Sensing Technologies (AIST) Research Center, University of Tabuk, Tabuk, 71491, Saudi ArabiaTariq ShahzadDepartment of Computer Engineering, COMSATS University Islamabad, Sahiwal Campus, Sahiwal, 57000, PakistanMuhammad Adnan KhanDepartment of Software, Faculty of Artificial Intelligence and Software, Gachon University, Seongnam-si, 13120, Republic of Korea. [email protected]

2025en

ABI

Аннотация

Network security is crucial in today's digital world, since there are multiple ongoing threats to sensitive data and vital infrastructure. The aim of this study to improve network security by combining methods for instruction detection from machine learning (ML) and deep learning (DL). Attackers have tried to breach security systems by accessing networks and obtaining sensitive information.Intrusion detection systems (IDSs) are one of the significant aspect of cybersecurity that involve the monitoring and analysis, with the intention of identifying and reporting of dangerous activities that would help to prevent the attack.Support Vector Machine (SVM), K-Nearest Neighbors (KNN), Random Forest (RF), Decision Tree (DT), Long Short-Term Memory (LSTM), and Artificial Neural Network (ANN) are the vector figures incorporated into the study through the results. These models are subjected to various test to established the best results on the identification and prevention of network violation. Based on the obtained results, it can be stated that all the tested models are capable of organizing data originating from network traffic. thus, recognizing the difference between normal and intrusive behaviors, models such as SVM, KNN, RF, and DT showed effective results. Deep learning models LSTM and ANN rapidly find long-term and complex pattern in network data. It is extremely effective when dealing with complex intrusions since it is characterised by high precision, accuracy and recall.Based on our study, SVM and Random Forest are considered promising solutions for real-world IDS applications because of their versatility and explainability. For the companies seeking IDS solutions which are reliable and at the same time more interpretable, these models can be promising. Additionally, LSTM and ANN, with their ability to catch successive conditions, are suitable for situations involving nuanced, advancing dangers.

Перевод пока недоступен

Идентификаторы

DOI: 10.1038/s41598-025-85866-7

Цитирования и источники

Цитирований: 3Использованных источников: 0

Показатели — AkademScholar