Author
Kolle Likhitha, V. Vijayalakshmi
Keywords
Intrusion Detection System; Deep Learning; NSL-KDD; Network Security; Multi-Class Classification.
Abstract
The rapid expansion of networked computing systems has significantly increased the exposure of digital infrastructures to sophisticated cyber threats. Traditional intrusion detection systems, primarily based on signature matching techniques, are often ineffective in identifying emerging and unknown attack patterns. These limitations necessitate the adoption of intelligent and adaptive approaches capable of analyzing complex network behaviors. CyberShield AI is proposed as a deep learning–based intrusion detection framework designed to enhance the detection of both known and novel cyber-attacks through behavioral analysis of network traffic. The system utilizes the NSL-KDD dataset, which consists of network connection records described by forty-one features, including basic attributes, content-based features, time-dependent traffic characteristics, and host-based statistical measures. Each data instance is categorized as either normal or belonging to one of four major attack classes: Denial of Service (DoS), Probe, Remote to Local (R2L), and User to Root (U2R). These diverse feature representations enable the model to learn complex intrusion patterns effectively. CyberShield AI employs a deep neural network architecture incorporating multiple fully connected layers, along with techniques such as batch normalization, dropout regularization, and Rectified Linear Unit (ReLU) activation functions to improve learning efficiency and prevent overfitting. The trained model demonstrates high accuracy and robustness in classifying network traffic across different attack categories. Furthermore, the system is integrated into a web-based dashboard that provides real-time intrusion detection capabilities for security analysts. It allows users to input network traffic data, obtain classification results with confidence scores, and receive actionable insights for threat mitigation. Additionally, a continuous monitoring and update mechanism ensures that the system adapts to evolving network conditions, maintaining consistent performance and reliability.
References
[1] M. Tavallaee, E. Bagheri, W. Lu, and A. A. Ghorbani, “A Detailed Analysis of the KDD Cup 99 Data Set,” Proceedings of the IEEE Symposium on Computational Intelligence for Security and Defense Applications, 2009, pp. 1–6.
[2] A. Paszke, S. Gross, F. Massa, et al., “PyTorch: An Imperative Style, High-Performance Deep Learning Library,” Advances in Neural Information Processing Systems, Vol. 32, 2019, pp. 8026–8037.
[3] S. Ioffe and C. Szegedy, “Batch Normalization: Accelerating Deep Network Training by Reducing Internal Covariate Shift,” Proceedings of the 32nd International Conference on Machine Learning, 2015, pp. 448–456.
[4] N. Srivastava, G. Hinton, A. Krizhevsky, I. Sutskever, and R. Salakhutdinov, “Dropout: A Simple Way to Prevent Neural Networks from Overfitting,” Journal of Machine Learning Research, Vol. 15, 2014, pp. 1929–1958.
[5] D. P. Kingma and J. Ba, “Adam: A Method for Stochastic Optimization,” International Conference on Learning Representations (ICLR), 2015.
[6] F. Pedregosa, G. Varoquaux, A. Gramfort, et al., “Scikit-learn: Machine Learning in Python,” Journal of Machine Learning Research, Vol. 12, 2011, pp. 2825–2830.
[7] N. V. Chawla, K. W. Bowyer, L. O. Hall, and W. P. Kegelmeyer, “SMOTE: Synthetic Minority Over-sampling Technique,” Journal of Artificial Intelligence Research, Vol. 16, 2002, pp. 321–357.
[8] S. M. Lundberg and S. I. Lee, “A Unified Approach to Interpreting Model Predictions,” Advances in Neural Information Processing Systems, Vol. 30, 2017, pp. 4765–4774.
[9] A. L. Buczak and E. Guven, “A Survey of Data Mining and Machine Learning Methods for Cybersecurity Intrusion Detection,” IEEE Communications Surveys and Tutorials, Vol. 18, No. 2, 2016, pp. 1153–1176.
[10] I. Goodfellow, Y. Bengio, and A. Courville, Deep Learning, MIT Press, Cambridge, Massachusetts, 2016.
[11] W. McKinney, “Data Structures for Statistical Computing in Python,” Proceedings of the 9th Python in Science Conference, 2010, pp. 56–61.
[12] G. Kim, H. Lim, and Y. Lee, “An Intrusion Detection System Based on Convolutional Neural Network for Imbalanced Network Traffic,” Electronics, Vol. 9, No. 10, 2020, p. 1583.
[13] K.K. Rakesh, Dr. A. S. Aneeshkumar, “Optimization of fuzzy logic-based Genetic Algorithm Technique in wireless sensor network Protocols”, International Journal of Intelligent Systems and Applications in Engineering, Vol.12(14), 2024, pp. 548–556.
[14] X. Guo, “Deep Learning-Based Network Intrusion Detection Using NSL-KDD Dataset,” Proceedings of the International Conference on Computing and Data Science, 2021, pp. 112–118.
[15] C. Zhang, M. Renz, and C. Lim, “Deep Learning Intrusion Detection Model Based on Optimized Feature Selection,” Applied Sciences, Vol. 9, No. 16, 2019, p. 3381.
[16] G. V. Rossum and F. L. Drake, Python 3 Reference Manual, CreateSpace, Scotts Valley, California, 2009.
[2] A. Paszke, S. Gross, F. Massa, et al., “PyTorch: An Imperative Style, High-Performance Deep Learning Library,” Advances in Neural Information Processing Systems, Vol. 32, 2019, pp. 8026–8037.
[3] S. Ioffe and C. Szegedy, “Batch Normalization: Accelerating Deep Network Training by Reducing Internal Covariate Shift,” Proceedings of the 32nd International Conference on Machine Learning, 2015, pp. 448–456.
[4] N. Srivastava, G. Hinton, A. Krizhevsky, I. Sutskever, and R. Salakhutdinov, “Dropout: A Simple Way to Prevent Neural Networks from Overfitting,” Journal of Machine Learning Research, Vol. 15, 2014, pp. 1929–1958.
[5] D. P. Kingma and J. Ba, “Adam: A Method for Stochastic Optimization,” International Conference on Learning Representations (ICLR), 2015.
[6] F. Pedregosa, G. Varoquaux, A. Gramfort, et al., “Scikit-learn: Machine Learning in Python,” Journal of Machine Learning Research, Vol. 12, 2011, pp. 2825–2830.
[7] N. V. Chawla, K. W. Bowyer, L. O. Hall, and W. P. Kegelmeyer, “SMOTE: Synthetic Minority Over-sampling Technique,” Journal of Artificial Intelligence Research, Vol. 16, 2002, pp. 321–357.
[8] S. M. Lundberg and S. I. Lee, “A Unified Approach to Interpreting Model Predictions,” Advances in Neural Information Processing Systems, Vol. 30, 2017, pp. 4765–4774.
[9] A. L. Buczak and E. Guven, “A Survey of Data Mining and Machine Learning Methods for Cybersecurity Intrusion Detection,” IEEE Communications Surveys and Tutorials, Vol. 18, No. 2, 2016, pp. 1153–1176.
[10] I. Goodfellow, Y. Bengio, and A. Courville, Deep Learning, MIT Press, Cambridge, Massachusetts, 2016.
[11] W. McKinney, “Data Structures for Statistical Computing in Python,” Proceedings of the 9th Python in Science Conference, 2010, pp. 56–61.
[12] G. Kim, H. Lim, and Y. Lee, “An Intrusion Detection System Based on Convolutional Neural Network for Imbalanced Network Traffic,” Electronics, Vol. 9, No. 10, 2020, p. 1583.
[13] K.K. Rakesh, Dr. A. S. Aneeshkumar, “Optimization of fuzzy logic-based Genetic Algorithm Technique in wireless sensor network Protocols”, International Journal of Intelligent Systems and Applications in Engineering, Vol.12(14), 2024, pp. 548–556.
[14] X. Guo, “Deep Learning-Based Network Intrusion Detection Using NSL-KDD Dataset,” Proceedings of the International Conference on Computing and Data Science, 2021, pp. 112–118.
[15] C. Zhang, M. Renz, and C. Lim, “Deep Learning Intrusion Detection Model Based on Optimized Feature Selection,” Applied Sciences, Vol. 9, No. 16, 2019, p. 3381.
[16] G. V. Rossum and F. L. Drake, Python 3 Reference Manual, CreateSpace, Scotts Valley, California, 2009.
Received: 20 March 2026
Accepted: 24 May 2026
Published: 27 May 2026
DOI: 10.30726/ijlca/v13.i2.2026.132019