A novel hybrid CNN-CBAM-GRU method for intrusion detection in modern networks

Abstract

With the rapid expansion and growing reliance on interconnected systems across industries, ensuring robust network security has become an increasingly critical and urgent concern. The complexity of modern networks, coupled with the evolving nature of cyber threats, underscores the importance of safeguarding sensitive data and infrastructure. Intrusion Detection Systems (IDS) play a pivotal and indispensable role in this context, serving as essential tools for detecting, analyzing, and mitigating a wide variety of sophisticated cyber threats. These systems are designed to monitor, identify, and respond to malicious activities within increasingly dynamic, high-speed, and complex network environments, ensuring operational resilience and security. Four models for intrusion detection in network environments are presented in this study, utilizing deep learning architectures: Convolutional Block Attention Modules (CBAM) with Convolutional Neural Network (CNN), Gated Recurrent Units (GRU), a sequential combination of CNN-CBAM and GRU, and a parallel combination of CNN-CBAM and GRU. The system is evaluated on UNSW-NB15 and NSL-KDD datasets for binary and multi-class classification tasks and are evaluated in comparison to other studies in the literature. Results indicate the parallel CNN-CBAM-GRU configuration achieves superior performance, with multi-class classification accuracies of 96.30 % and 99.56 % on UNSW-NB15 and NSL-KDD, respectively. The sequential CNN-CBAM-GRU model also delivers competitive results, achieving 96.19 % on UNSW-NB15 and 99.54 % on NSL-KDD. These findings highlight the effectiveness of the proposed IDS in modern network security environments.