<p>This paper proposes a tri-component loss function framework integrated within Generative Adversarial Networks for network traffic augmentation in cybersecurity threat detection. The framework combines nine differentiable loss components: feature importance preservation via attention-based weighting, distribution alignment via Wasserstein distance, gradient regularization via gradient penalty, adversarial discrimination via hinge loss, embedding clustering via triplet constraints, curriculum scheduling via progressive difficulty adjustment, perturbation-aware training via projected gradient descent, multi-scale consistency via wavelet transform, and diversity promotion via cosine similarity regularization. We clarify that these components employ established techniques, with our contribution lying in their systematic integration and domain-specific adaptation rather than fundamentally new algorithms. Energy-aware adaptive attention dynamically allocates computational resources based on threat likelihood, reducing training energy consumption by 40% (76.8 kWh versus 128.4 kWh baseline). Experimental evaluation across seven cybersecurity datasets (NSL-KDD, UNSW-NB15, CIC-IDS2017, CIC-IDS2018, Bot-IoT, CICDDOS2019, CSE-CIC-IDS2018) yielded 98.73% accuracy and 0.987 F1-score. Ablation analysis revealed that 49.4% of improvement stems from addressing class imbalance through augmentation, while 50.6% derives from the proposed loss combination, with 2.0% additional synergistic benefit. Cross-dataset transfer achieved 87.45–94.23% accuracy without retraining. Adversarial robustness evaluation of 95.67% accuracy under perturbation budget ε = 0.3. Limitations include poor infiltration attack detection (16.44–28.13% recall) and ground truth verification covering only 1.8% of deployment samples. Statistical significance was confirmed with p-values below 0.0001 and Cohen’s d exceeding 3.4. The framework provides evidence that systematic integration of established techniques with domain-specific adaptation can yield measurable improvements in cybersecurity applications under the evaluated conditions. Generalization to broader deployment contexts warrants further investigation.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Enhanced cybersecurity threat detection using novel tri-metaheuristic loss functions in generative adversarial networks with adaptive attention preservation for network traffic augmentation

  • Heba M. Khalil,
  • Ahmed Elrefaiy,
  • Mostafa Elbaz,
  • Mohamed Loey

摘要

This paper proposes a tri-component loss function framework integrated within Generative Adversarial Networks for network traffic augmentation in cybersecurity threat detection. The framework combines nine differentiable loss components: feature importance preservation via attention-based weighting, distribution alignment via Wasserstein distance, gradient regularization via gradient penalty, adversarial discrimination via hinge loss, embedding clustering via triplet constraints, curriculum scheduling via progressive difficulty adjustment, perturbation-aware training via projected gradient descent, multi-scale consistency via wavelet transform, and diversity promotion via cosine similarity regularization. We clarify that these components employ established techniques, with our contribution lying in their systematic integration and domain-specific adaptation rather than fundamentally new algorithms. Energy-aware adaptive attention dynamically allocates computational resources based on threat likelihood, reducing training energy consumption by 40% (76.8 kWh versus 128.4 kWh baseline). Experimental evaluation across seven cybersecurity datasets (NSL-KDD, UNSW-NB15, CIC-IDS2017, CIC-IDS2018, Bot-IoT, CICDDOS2019, CSE-CIC-IDS2018) yielded 98.73% accuracy and 0.987 F1-score. Ablation analysis revealed that 49.4% of improvement stems from addressing class imbalance through augmentation, while 50.6% derives from the proposed loss combination, with 2.0% additional synergistic benefit. Cross-dataset transfer achieved 87.45–94.23% accuracy without retraining. Adversarial robustness evaluation of 95.67% accuracy under perturbation budget ε = 0.3. Limitations include poor infiltration attack detection (16.44–28.13% recall) and ground truth verification covering only 1.8% of deployment samples. Statistical significance was confirmed with p-values below 0.0001 and Cohen’s d exceeding 3.4. The framework provides evidence that systematic integration of established techniques with domain-specific adaptation can yield measurable improvements in cybersecurity applications under the evaluated conditions. Generalization to broader deployment contexts warrants further investigation.