Zero-day attack detection with a Dynamic-Weighted Contractive Autoencoder and GAN-based evaluation

IF 4.9 3区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computers & Electrical Engineering Pub Date : 2025-09-01 DOI:10.1016/j.compeleceng.2025.110650

M. Franckie Singha, Ripon Patgiri, Zeba Shamsi, Laiphrakpam Dolendro Singh

{"title":"Zero-day attack detection with a Dynamic-Weighted Contractive Autoencoder and GAN-based evaluation","authors":"M. Franckie Singha, Ripon Patgiri, Zeba Shamsi, Laiphrakpam Dolendro Singh","doi":"10.1016/j.compeleceng.2025.110650","DOIUrl":null,"url":null,"abstract":"<div><div>Anomaly detection, which has faced quite a challenge in zero-day attacks whose nature is novel and unpredictable, shall be addressed here. This research proposes a novel method for zero-day attacks with an adaptive loss-based Dynamic-Weighted Contractive Autoencoder (DW-CAE). The proposed method differs from the traditional autoencoder approach because it balances reconstruction and Contractive penalty and pays particular attention to features that are difficult to reconstruct. The training of DW-CAE on normal data learns invariant feature representations that enable the efficient detection of anomalies based on high reconstruction errors. The dynamic weighting mechanism further enhances the adaptive balancing of reconstruction and Contractive penalty to increase the model’s sensitivity and robustness against unseen attacks. Furthermore, we have utilized GANs to generate novel synthetic zero-day attack data for rigorous evaluation of the model. CAE and dynamic weight coordination introduce an innovative and robust model for detecting zero-day attacks. Experimental results are shown on the CICIoT2023, CICDDoS2019, ToN-IoT, and synthetic datasets, validating the performance of the proposed approach. The proposed DW-CAE demonstrates a significant performance gain over the fixed-weight CAE, achieving a significant improvement across the three benchmark datasets, highlighting its effectiveness across diverse intrusion detection scenarios.</div></div>","PeriodicalId":50630,"journal":{"name":"Computers & Electrical Engineering","volume":"128 ","pages":"Article 110650"},"PeriodicalIF":4.9000,"publicationDate":"2025-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Electrical Engineering","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0045790625005932","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

Abstract

Anomaly detection, which has faced quite a challenge in zero-day attacks whose nature is novel and unpredictable, shall be addressed here. This research proposes a novel method for zero-day attacks with an adaptive loss-based Dynamic-Weighted Contractive Autoencoder (DW-CAE). The proposed method differs from the traditional autoencoder approach because it balances reconstruction and Contractive penalty and pays particular attention to features that are difficult to reconstruct. The training of DW-CAE on normal data learns invariant feature representations that enable the efficient detection of anomalies based on high reconstruction errors. The dynamic weighting mechanism further enhances the adaptive balancing of reconstruction and Contractive penalty to increase the model’s sensitivity and robustness against unseen attacks. Furthermore, we have utilized GANs to generate novel synthetic zero-day attack data for rigorous evaluation of the model. CAE and dynamic weight coordination introduce an innovative and robust model for detecting zero-day attacks. Experimental results are shown on the CICIoT2023, CICDDoS2019, ToN-IoT, and synthetic datasets, validating the performance of the proposed approach. The proposed DW-CAE demonstrates a significant performance gain over the fixed-weight CAE, achieving a significant improvement across the three benchmark datasets, highlighting its effectiveness across diverse intrusion detection scenarios.

查看原文本刊更多论文

基于动态加权压缩自编码器和gan评估的零日攻击检测

在性质新颖、不可预测的零日攻击中，异常检测面临着相当大的挑战。本研究提出了一种基于自适应损失的动态加权压缩自编码器（DW-CAE）的零日攻击新方法。该方法与传统的自编码器方法不同，因为它平衡了重建和收缩惩罚，并特别关注难以重建的特征。DW-CAE在正常数据上的训练学习不变的特征表示，从而能够基于高重构误差有效地检测异常。动态加权机制进一步增强了重构和收缩惩罚的自适应平衡，提高了模型对不可见攻击的敏感性和鲁棒性。此外，我们利用gan生成新的综合零日攻击数据，以对模型进行严格评估。CAE和动态权重协调为检测零日攻击引入了一种创新的鲁棒模型。在CICIoT2023、CICDDoS2019、ToN-IoT和合成数据集上进行了实验，验证了该方法的性能。与固定权重CAE相比，所提出的DW-CAE表现出了显著的性能提升，在三个基准数据集上实现了显著的改进，突出了其在不同入侵检测场景中的有效性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Computers & Electrical Engineering 工程技术-工程：电子与电气

CiteScore

9.20

自引率

7.00%

发文量

661

审稿时长

47 days

期刊介绍： The impact of computers has nowhere been more revolutionary than in electrical engineering. The design, analysis, and operation of electrical and electronic systems are now dominated by computers, a transformation that has been motivated by the natural ease of interface between computers and electrical systems, and the promise of spectacular improvements in speed and efficiency. Published since 1973, Computers & Electrical Engineering provides rapid publication of topical research into the integration of computer technology and computational techniques with electrical and electronic systems. The journal publishes papers featuring novel implementations of computers and computational techniques in areas like signal and image processing, high-performance computing, parallel processing, and communications. Special attention will be paid to papers describing innovative architectures, algorithms, and software tools.