The proposed model distinguishes itself through: (1) focus on brute-force attack detection with 99.78% class-specific F1-score, (2) PCA-based dimensionality reduction to 18 features (94.7% variance preserved), (3) rigorous statistical validation using Dietterich’s 5x2cv test, and (4) comprehensive focal loss evaluation for imbalance handling. These complementary approaches suggest that hybrid spatial-temporal architectures represent a consensus direction for high-performance intrusion detection.
1Anaedevha, R.N., Trofimov, A.G. and Borodachev, Y.V., 2026. Hybrid Spatial-Temporal Deep Learning for Privacy-Preserving Encrypted Traffic Intrusion Detection. TechRxiv. [Preprint]. doi: 10.36227/TECHRXIV.176799976.66603504/V1.
2Shen, M. et al., 2023. Machine Learning-Powered Encrypted Network Traffic Analysis: A Comprehensive Survey. IEEE Communications Surveys & Tutorials, 25(1), pp. 791–824. doi: 10.1109/COMST.2022.3208196.
3Hajjouz, A. and Avksentieva, E., 2024. Evaluating the Effectiveness of the CatBoost Classifier in Distinguishing Benign Traffic, FTP BruteForce and SSH BruteForce Traffic. In: 2024 9th International Conference on Signal and Image Processing (ICSIP). pp. 351–358. doi: 10.1109/ICSIP61881.2024.10671552.
4Moustafa, N. and Slay, J., 2015. UNSW-NB15: A comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set). In: 2015 Military Communications and Information Systems Conference (MilCIS). doi: 10.1109/MILCIS.2015.7348942.
5Tavallaee, M., Bagheri, E., Lu, W. and Ghorbani, A.A., 2009. A detailed analysis of the KDD CUP 99 data set. In: IEEE Symposium on Computational Intelligence for Security and Defense Applications (CISDA 2009). doi: 10.1109/CISDA.2009.5356528.
6Hochreiter, S. and Schmidhuber, J., 1997. Long Short-Term Memory. Neural Computation, 9(8), pp. 1735–1780. doi: 10.1162/neco.1997.9.8.1735.
7Lecun, Y., Bengio, Y. and Hinton, G., 2015. Deep learning. Nature, 521(7553), pp. 436–444. doi: 10.1038/nature14539.
8Sharafaldin, I., Lashkari, A.H. and Ghorbani, A.A., 2018. Toward generating a new intrusion detection dataset and intrusion traffic characterization. In: Proceedings of the 4th International Conference on Information Systems Security and Privacy (ICISSP 2018). 2018-January, pp. 108–116. doi: 10.5220/0006639801080116.
9Susilo, B., Muis, A. and Sari, R.F., 2025. Intelligent Intrusion Detection System Against Various Attacks Based on a Hybrid Deep Learning Algorithm. Sensors, 25(2), p. 580. doi: 10.3390/s25020580.
10Gamage, S. and Samarabandu, J., 2020. Deep learning methods in network intrusion detection: A survey and an objective comparison. Journal of Network and Computer Applications, 169, p. 102767. doi: 10.1016/j.jnca.2020.102767.
11Fadlullah, Z.M., Tang, F., Mao, B., Kato, N., Akashi, O., Inoue, T. and Mizutani, K., 2017. State-of-the-Art Deep Learning: Evolving Machine Intelligence Toward Tomorrow’s Intelligent Network Traffic Control Systems. IEEE Communications Surveys & Tutorials, 19(4), pp. 2432–2455. doi: 10.1109/COMST.2017.2707140.
12Xiao, Y., Xing, C., Zhang, T. and Zhao, Z., 2019. An Intrusion Detection Model Based on Feature Reduction and Convolutional Neural Networks. IEEE Access, 7, pp. 42210–42219. doi: 10.1109/ACCESS.2019.2904620.
13Alsallal, M. et al., 2026. Intelligent Network Behavior Anomaly Detection Using LSTM-Based Deep Learning Models. Internet Technology Letters, 9(3). doi: 10.1002/itl2.70279
14Imrana, Y., Xiang, Y., Ali, L. and Abdul-Rauf, Z., 2021. A bidirectional LSTM deep learning approach for intrusion detection. Expert Systems with Applications, 185, p. 115524. doi: 10.1016/j.eswa.2021.115524.
15Yuan, X., Wan, J., An, D. and Pei, H., 2025. A novel encrypted traffic detection model based on detachable convolutional GCN-LSTM. Scientific Reports, 15(1), p. 27705. doi: 10.1038/s41598-025-13397-2.
16Liu, Z., Xie, Y., Luo, Y., Wang, Y. and Ji, X., 2025. TransECA-Net: A Transformer-Based Model for Encrypted Traffic Classification. Applied Sciences, 15(6), p. 2977. doi: 10.3390/app15062977.
17Sinha, P., Sahu, D., Prakash, S., Yang, T., Rathore, R.S. and Pandey, V.K., 2025. A high-performance hybrid LSTM CNN secure architecture for IoT environments using deep learning. Scientific Reports, 15(1). doi: 10.1038/s41598-025-94500-5.
18Wang, Z., Chen, H., Yang, S., Luo, X., Li, D. and Wang, J., 2023. A lightweight intrusion detection method for IoT based on deep learning and dynamic quantization. PeerJ Computer Science, 9, p. e1569. doi: 10.7717/peerj-cs.1569/supp-1.
19Azizjon, M., Jumabek, A. and Kim, W., 2020. 1D CNN based network intrusion detection with normalization on imbalanced data. In: 2020 International Conference on Artificial Intelligence in Information and Communication (ICAIIC). pp. 218–224. doi: 10.1109/ICAIIC48513.2020.9064976.
20Neto, E.C.P., Dadkhah, S., Ferreira, R., Zohourian, A., Lu, R. and Ghorbani, A.A., 2023. CICIoT2023: A Real-Time Dataset and Benchmark for Large-Scale Attacks in IoT Environment. Sensors, 23(13), p. 5941. doi: 10.3390/s23135941.
21Upadhyay, S.K. and Vikas., 2026. Performance-Efficient Intrusion Detection for IoT Using CNN-BiLSTM and Incremental Principal Component Analysis. International Journal of Performability Engineering, 22(3), p. 128. doi: 10.23940/ijpe.26.03. p2.128137.
22Elreedy, D. and Atiya, A.F., 2019. A Comprehensive Analysis of Synthetic Minority Oversampling Technique (SMOTE) for handling class imbalance. Information Sciences, 505, pp. 32–64. doi: 10.1016/j.ins.2019.07.070.
23Lin, T.Y., Goyal, P., Girshick, R., He, K. and Dollar, P., 2017. Focal Loss for Dense Object Detection. In: Proceedings of the IEEE International Conference on Computer Vision (ICCV). pp. 2999–3007. doi: 10.1109/ICCV.2017.324.
24Stephan, J.J. and Mohammed, Q.M., 2024. Using Hybrid Deep Learning Approach to Enhanced Network Intrusion Detection with Spatial-Temporal Feature Integration. Ingénierie des Systèmes d’Information, 29(4), pp. 1619–1628. doi: 10.18280/isi.290435.
25Abdelhamid, S., Hegazy, I., Aref, M. and Roushdy, M., 2024. Attention-Driven Transfer Learning Model for Improved IoT Intrusion Detection. Big Data and Cognitive Computing, 8(9), p. 116. doi: 10.3390/bdcc8090116.
26H., R., T., M., Park, J. and Ram, S., 2004. Design science in information systems research. MIS Quarterly. doi: 10.5555/2017212.2017217.
27Registry of Open Data on AWS, 2026. A Realistic Cyber Defense Dataset (CSE-CIC-IDS2018). Available at: https://registry.opendata.aws/cse-cic-ids2018/ [Accessed 13 April 2026].
28Gahtan, B., Shahla, R.J., Cohen, R. and Bronstein, A.M., 2024. Exploring QUIC Dynamics: A Large-Scale Dataset for Encrypted Traffic Analysis. In: 2025 IEEE International Mediterranean Conference on Communications and Networking (MeditCom). doi: 10.1109/MeditCom64437.2025.11104435.
29McMahan, H.B., Moore, E., Ramage, D., Sampson, S. and Arcas, B.A.y., 2017. Communication-Efficient Learning of Deep Networks from Decentralized Data. arXiv preprint arXiv:1602.05629.
30Beg, R., Nigam, N. and Sharma, Y.K. et al., 2026. Design of an integrated evidence-driven few-shot meta-learning for zero-day malware detection and forensic attributions. Scientific Reports. doi: 10.1038/s41598-026-43745-9.
31Ahmad, B., Y. Li, Z. Wu, S. U. Rehman, and Y. Huang, 2026. Improved attack detection in IoT and IIoT networks using attention mechanisms in convolutional neural networks. Expert Systems with Applications, 296(Part C), Art. no. 129021. doi: 10.1016/j.eswa.2025.129021.
32Ghosh, K.P., Hasan, M., Robin, M.T.I., Hossain, A. and Islam, S., 2025. A novel deep learning framework with temporal attention convolutional networks for intrusion detection in IoT and IIoT networks. Scientific Reports, 15, Art. no. 44624. doi: 10.1038/s41598-025-32697-1.
33Elwhishi, A., Younis, A.A. and Akhunzada, A., 2026. Attention-enhanced hybrid architecture for efficient intrusion detection in Industrial IoT. IEEE Open Journal of the Communications Society, 7, pp. 1330–1339. doi: 10.1109/OJCOMS.2026.3661768.
34L, G., Purbia, R., T, K. et al., 2026. IA-IDS: an intelligent adaptive intrusion detection system for IoT security using CNN, BiLSTM, and attention mechanism. Peer-to-Peer Networking and Applications, 19, Art. no. 32. doi: 10.1007/s12083-025-02177-4.
35R. Natarajan, S. Krishna and C. P. Ranjith, A Novel Federated Learning Framework for Healthcare Applications Using Wearable Devices, 2025 IEEE 4th International Conference on AI in Cybersecurity (ICAIC), Houston, TX, USA, 2025, pp. 1-6, doi: 10.1109/ICAIC63015.2025.10848974.