Hybrid AI-Driven Techniques for Enhancing ZeroDay Exploit Detection in Intrusion Detection System (IDS)

Hybrid AI-Driven Techniques for Enhancing ZeroDay Exploit Detection in Intrusion Detection System (IDS)

연구 분야: Strategies

학회: 2024 3rd International Conference on Artificial Intelligence, Internet of Things and Cloud Computing Technology (AIoTC)

Zero-day exploits present significant risks to cybersecurity by exploiting unknown vulnerabilities, making their identification and mitigation a key problem. Conventional Intrusion Detection Systems (IDS) frequently depend on signature-based or anomaly-based methodologies, which are ineffective in identifying new and sophisticated incidents of assault. This paper provides a new hybrid AI-driven strategy to boost zeroday exploit detection by the combination of deep learning and ensemble learning approaches. We have taken the UNSW-NB15 dataset, a complete and diversified reference for network intrusion models, to train and analyze our model. The suggested system leverages a hybrid architecture integrating Convolutional Neural Networks (CNN) and Long Short-Term Memory (LSTM) networks to capture both spatial and sequential features of network traffic efficiently. To further increase detection accuracy and resilience, we add ensemble approaches by combining random forest, gradient boosting, and Support Vector Machine (SVM) classifiers through a weighted voting mechanism. Our ensemble model achieves a detection accuracy of 97.8%, outperforming standard anomaly-based (IDS), vision transformer (ViT) and bidirectional encoder representations from transformers (BERT) by a wide margin. The model also demonstrates a low false-positive rate of 0.022 and high detection rates across multiple types of attacks, including previously undiscovered zero-day flaws. Performance studies employing criteria like accuracy, recall, F1score, AUC-ROC, false-positive rate, and detection rate indicate the importance and reliability of our methodology.