The rapid growth of IoT devices and connected infrastructures has amplified vulnerabilities, making networks highly susceptible to sophisticated cyber-attacks. Traditional Intrusion Detection and Prevention Systems (IDPS) often suffer from high false positives, limited adaptability, and poor responsiveness to zero-day attacks. To overcome these challenges, this paper proposes a novel real-time Network Intrusion Detection and Prevention System (NIDPS) that integrates self-supervised learning with ensemble-based machine learning in a Software-Defined Networking (SDN) environment. The proposed framework introduces two main core contributions. First, a soft voting ensemble classifier combining Decision Tree, Random Forest, Logistic Regression, and LightGBM is employed to achieve high accuracy in multiclass Intrusion detection. Second, a self-supervised autoencoder trained exclusively on benign traffic enables anomaly-based detection of zero-day and previously unseen attacks, enhancing adaptability. Detected threats are dynamically blocked using SDN-enabled flow rules, ensuring real-time mitigation without disrupting legitimate traffic. Experimental evaluation on the RT-IoT2022 dataset demonstrates the system’s superior performance. The model achieved 99.7% detection accuracy, with precision, recall, and F1-scores near 98%, AUC-ROC of 1.0, and log-loss of 0.01. The mitigation engine further showed strong efficiency with a Mean Time to Mitigate (MTTM) of 18 ms, Latency of 15–20 ms, throughput of 700 packets/sec, and blocking precision of 95% with only a 5% evasion rate. These results validate the proposed NIDPS as a scalable, low-latency, and highly accurate solution for protecting cyber-physical and IoT networks, ensuring resilience against both known and emerging cyber threats.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

An Intelligent Intrusion Detection and Mitigation Model Using Self-Supervised Auto Encoders and Ensemble Learning

  • Veena S. Badiger,
  • Gopal K. Shyam

摘要

The rapid growth of IoT devices and connected infrastructures has amplified vulnerabilities, making networks highly susceptible to sophisticated cyber-attacks. Traditional Intrusion Detection and Prevention Systems (IDPS) often suffer from high false positives, limited adaptability, and poor responsiveness to zero-day attacks. To overcome these challenges, this paper proposes a novel real-time Network Intrusion Detection and Prevention System (NIDPS) that integrates self-supervised learning with ensemble-based machine learning in a Software-Defined Networking (SDN) environment. The proposed framework introduces two main core contributions. First, a soft voting ensemble classifier combining Decision Tree, Random Forest, Logistic Regression, and LightGBM is employed to achieve high accuracy in multiclass Intrusion detection. Second, a self-supervised autoencoder trained exclusively on benign traffic enables anomaly-based detection of zero-day and previously unseen attacks, enhancing adaptability. Detected threats are dynamically blocked using SDN-enabled flow rules, ensuring real-time mitigation without disrupting legitimate traffic. Experimental evaluation on the RT-IoT2022 dataset demonstrates the system’s superior performance. The model achieved 99.7% detection accuracy, with precision, recall, and F1-scores near 98%, AUC-ROC of 1.0, and log-loss of 0.01. The mitigation engine further showed strong efficiency with a Mean Time to Mitigate (MTTM) of 18 ms, Latency of 15–20 ms, throughput of 700 packets/sec, and blocking precision of 95% with only a 5% evasion rate. These results validate the proposed NIDPS as a scalable, low-latency, and highly accurate solution for protecting cyber-physical and IoT networks, ensuring resilience against both known and emerging cyber threats.