An innovative model for an enhanced dual intrusion detection system using LZ‐JC‐DBSCAN, EPRC‐RPOA and EG‐GELU‐GRU

Abstract

AbstractThe rise of suspicious activities in network communication, driven by increased internet accessibility, necessitates the development of advanced intrusion detection systems (IDS). Existing IDS solutions often exhibit poor performance in detecting suspicious activity and fail to identify various attack types within packet capture (PCAP) files, which monitor network traffic. This paper proposes a deep learning‐based dual IDS model designed to address these issues. The process begins with utilizing the CSE‐CIC‐IDS2019 dataset to extract features from PCAP files. Suspicious activities are detected using the Exponential Geometric‐Gaussian Error Linear Units‐Gated Recurrent Unit (EG‐GELU‐GRU) method. Normal data undergoes further feature extraction and preprocessing through Log ZScore‐Jacosine Density‐Based Spatial Clustering of Applications with Noise (LZ‐JC‐DBSCAN). Feature selection is optimized using the Entropy Pearson R Correlation‐Red Panda optimization algorithm. Suspicious files are flagged, while load balancing is performed on normal data. Attack detection is achieved through word embedding with the Glorot Kaufman‐bidirectional encoder representations from transformers technique and classification via the EG‐GELU‐GRU model. Attacked packets are blocked, and the method is reapplied for attack‐type classification. Experimental results using Python demonstrate the model’s superior performance, achieving 98.18% accuracy and 98.73% precision, surpassing existing approaches and significantly enhancing intrusion detection capabilities.