An Integrated Deep Learning Framework for Detecting Botnets, Zero-Day Exploits, and Side-Channel Attacks in Network Traffic
摘要
The expanding network landscape has led to an increase in the number and diversity of cyberattacks, highlighting the limitations of traditional intrusion detection systems (IDSs). Some types of evasive attacks, such as botnet-based intrusions, zero-day exploits, and side-channel attacks, are difficult to detect. This study proposes a hybrid AI-based model for detecting such attacks in large-scale network environments. The proposed model combines the strengths of several deep learning models, including CNN, BiLSTM, and Autoencoder. Where each model can detect anomalies across diverse traffic patterns. Due to the lack of a dataset that combines these three attacks, three standard public datasets were used—CICIDS2023, TON_IoT, and BoT-IoT. The proposed model involved several stages, including preprocessing, feature selection, and hyperparameter optimization, to improve detection performance. The results demonstrated the effectiveness of the proposed model, achieving a high accuracy rate of 98.2% with low false positive rates. This indicates that combining the capabilities of different models produces a model capable of adaptability, scalability, and detection accuracy. This provides significant impetus for the development of a new generation of advanced intrusion detection systems capable of protecting network infrastructures from advanced cyber threats.