Optimizing Early Network Intrusion Detection: A Comparison of LSTM and LinearSVC with SMOTE on Imbalanced Data
DOI:
https://doi.org/10.52436/1.jutif.2025.6.6.4672Keywords:
Intrusion Detection System, LinearSVC, Network Traffic, S, SMOTEAbstract
This study aims to improve network intrusion detection systems (IDS) by addressing class imbalance in the CICIDS 2017 dataset. It compares the effectiveness of Long Short-Term Memory (LSTM) networks and Linear Support Vector Classifier (LinearSVC) in detecting intrusions, with a focus on the impact of Synthetic Minority Over-sampling Technique (SMOTE) for balancing the dataset. The dataset was preprocessed by removing irrelevant features, handling missing values, and applying Min-Max normalization. SMOTE was applied to balance the training dataset. Results showed that LSTM outperformed LinearSVC, especially in recall and F1-score, after applying SMOTE. This research highlights the benefits of combining LSTM with SMOTE to address class imbalance in IDS and emphasizes the importance of temporal sequence models like LSTM for detecting network intrusions. Future work could involve using the full dataset, exploring advanced feature engineering, and implementing more complex architectures to further enhance performance. This research underscores the critical need for improving network security by addressing the challenges of class imbalance in intrusion detection systems, which is vital for ensuring the real-time identification and mitigation of sophisticated cyber threats in the ever-evolving landscape of network security.
Downloads
References
R. L. Okyere, “Efficient Data Hiding Scheme Using Steganography and Cryptography Technique,” Adv. Multidiscip. Sci. Res. J. Publ., 2022, doi: 10.22624/aims/digital/v10n4p4.
M. A. Hayudini, “Network Infrastructure Management: Its Importance to the Organization,” Nat. Sci. Eng. Technol. J., 2021, doi: 10.37275/nasetjournal.v2i1.15.
D.-H. Park, “Virtuality Changes Consumer Preference: The Effect of Transaction Virtuality as Psychological Distance on Consumer Purchase Behavior,” Sustainability, 2019, doi: 10.3390/su11236618.
A. Priambodo, N. Anwar, and S. Suharno, “Is GRDP a Mediating Factor in Enhancing Local Tax Revenues Due to ICT Development in Indonesia?,” Nurture, 2024, doi: 10.55951/nurture.v18i3.722.
A. I. A. Alzahrani, M. Ayadi, M. M. Asiri, A. Al‐Rasheed, and A. Ksibi, “Detecting the Presence of Malware and Identifying the Type of Cyber Attack Using Deep Learning and VGG-16 Techniques,” Electronics, 2022, doi: 10.3390/electronics11223665.
M. J. Awan et al., “Real-Time DDoS Attack Detection System Using Big Data Approach,” Sustainability, 2021, doi: 10.3390/su131910743.
Y. Liu and L. Zhu, “A New Intrusion Detection and Alarm Correlation Technology Based on Neural Network,” Eurasip J. Wirel. Commun. Netw., 2019, doi: 10.1186/s13638-019-1419-z.
Y. Liu and Y. Guo, “Towards Real-Time Warning and Defense Strategy AI Planning for Cyber Security Systems Aided by Security Ontology,” Electronics, 2022, doi: 10.3390/electronics11244128.
H. Wang and X. Li, “Optimization of Network Security Intelligent Early Warning System Based on Image Matching Technology of Partial Differential Equation,” J. Cyber Secur. Mobil., 2024, doi: 10.13052/jcsm2245-1439.1336.
Z. Li, “A Neighbor Propagation Clustering Algorithm for Intrusion Detection,” Rev. Intell. Artif., 2020, doi: 10.18280/ria.340311.
L. Gong, T. Xu, W. Zhang, X. Li, X. Wang, and W. Pan, “Approach Research on the Techniques for Network Intrusion Detection Based on Data Mining,” 2015, doi: 10.2991/asei-15.2015.418.
V. Shah, A. K. Aggarwal, and N. K. Chaubey, “Performance Improvement of Intrusion Detection With Fusion of Multiple Sensors,” Complex Intell. Syst., 2016, doi: 10.1007/s40747-016-0033-5.
O. Ambavkar, P. Bharti, A. K. Chaurasiya, R. Chauhan, and M. Palinje, “Review on IDS Based on ML Algorithms,” Int. J. Res. Appl. Sci. Eng. Technol., vol. 10, no. 11, pp. 169–174, 2022, doi: 10.22214/ijraset.2022.47284.
S. H. Oh, J. Kim, J. H. Nah, and J. Park, “Employing Deep Reinforcement Learning to Cyber-Attack Simulation for Enhancing Cybersecurity,” Electronics, vol. 13, no. 3, p. 555, 2024, doi: 10.3390/electronics13030555.
W. Okori and S. Buteraba, “Cyber Security Exploits and Management in Telecommunication Companies: The Case of Uganda,” J. Comput. Sci. Technol. Stud., 2024, doi: 10.32996/jcsts.2024.6.4.10.
A. D. Riyanto, A. M. Wahid, and A. A. Pratiwi, “ANALYSIS OF FACTORS DETERMINING STUDENT SATISFACTION USING DECISION TREE, RANDOM FOREST, SVM, AND NEURAL NETWORKS: A COMPARATIVE STUDY,” J. Tek. Inform. Jutif, vol. 5, no. 4, Art. no. 4, Jul. 2024, doi: 10.52436/1.jutif.2024.5.4.2188.
A. Wijayanto, I. Riadi, Y. Prayudi, and T. Sudinugraha, “Network Forensics Against Address Resolution Protocol Spoofing Attacks Using Trigger, Acquire, Analysis, Report, Action Method,” Regist. J. Ilm. Teknol. Sist. Inf., 2023, doi: 10.26594/register.v8i2.2953.
S. F. Pratama and A. M. Wahid, “Fraudulent Transaction Detection in Online Systems Using Random Forest and Gradient Boosting,” J. Cyber Law, vol. 1, no. 1, Art. no. 1, Mar. 2025.
H. H. Ibrahim et al., “A Comprehensive Study of Distributed Denial-of-Service Attack With the Detection Techniques,” Int. J. Electr. Comput. Eng. Ijece, 2020, doi: 10.11591/ijece.v10i4.pp3685-3694.
A. Dogra and Taqdir, “DDOS Attack Detection and Handling Mechanism in WSN,” Int. J. Recent Technol. Eng., 2019, doi: 10.35940/ijrte.c5644.098319.
R. Singh and S. Kumar, “A Novel Algorithm to Detect Replay Attack in WLANs,” Int. J. Eng. Adv. Technol., 2019, doi: 10.35940/ijeat.a1437.109119.
A. M. Wahid, L. Afuan, and F. S. Utomo, “ENHANCING COLLABORATION DATA MANAGEMENT THROUGH DATA WAREHOUSE DESIGN: MEETING BAN-PT ACCREDITATION AND KERMA REPORTING REQUIREMENTS IN HIGHER EDUCATION,” J. Tek. Inform. Jutif, vol. 5, no. 6, Art. no. 6, Dec. 2024, doi: 10.52436/1.jutif.2024.5.6.1747.
Ö. Aslan, S. S. Aktuğ, M. Ozkan-Okay, A. A. Yılmaz, and E. Akin, “A Comprehensive Review of Cyber Security Vulnerabilities, Threats, Attacks, and Solutions,” Electronics, vol. 12, no. 6, p. 1333, 2023, doi: 10.3390/electronics12061333.
Y. Liu and S. Li, “Hybrid Cyber Threats Detection Using Explainable AI in Industrial IoT,” 2023, doi: 10.1109/hccs59561.2023.10452621.
N. Gao, L. Gao, Q. Gao, and H. Wang, “An Intrusion Detection Model Based on Deep Belief Networks,” 2014, doi: 10.1109/cbd.2014.41.
V. Hnamte, H.-N. Nguyen, J. Hussain, and Y. Kim, “A Novel Two-Stage Deep Learning Model for Network Intrusion Detection: LSTM-AE,” Ieee Access, 2023, doi: 10.1109/access.2023.3266979.
M. Moukhafi, M. Tantaoui, I. Chana, and A. Bouazi, “Intelligent Intrusion Detection Through Deep Autoencoder and Stacked Long Short-Term Memory,” Int. J. Electr. Comput. Eng. Ijece, 2024, doi: 10.11591/ijece.v14i3.pp2908-2917.
M. N. Arefin and A. K. Muhammad Masum, “A Probabilistic Approach for Missing Data Imputation,” Complexity, 2024, doi: 10.1155/2024/4737963.
B. Deore and S. Bhosale, “Hybrid Optimization Enabled Robust CNN-LSTM Technique for Network Intrusion Detection,” Ieee Access, 2022, doi: 10.1109/access.2022.3183213.
H. M. Kamal and M. Mashaly, “Advanced Hybrid Transformer-CNN Deep Learning Model for Effective Intrusion Detection Systems With Class Imbalance Mitigation Using Resampling Techniques,” Future Internet, 2024, doi: 10.3390/fi16120481.
Y. Zhang, L. Zhang, and X. Zheng, “Enhanced Intrusion Detection for ICS Using MS1DCNN and Transformer to Tackle Data Imbalance,” Sensors, 2024, doi: 10.3390/s24247883.
S. Kudithipudi, N. Narisetty, G. R. Kancherla, and B. Bobba, “Evaluating the Efficacy of Resampling Techniques in Addressing Class Imbalance for Network Intrusion Detection Systems Using Support Vector Machines,” Ingénierie Systèmes Inf., 2023, doi: 10.18280/isi.280511.
Y. G. Damtew and H. Chen, “SMMO-CoFS: Synthetic Multi-Minority Oversampling With Collaborative Feature Selection for Network Intrusion Detection System,” Int. J. Comput. Intell. Syst., 2023, doi: 10.1007/s44196-022-00171-9.
A. Benchama and K. Zebbara, “Fine-Tuning CNN-BiGRU for Intrusion Detection With SMOTE Optimization Using Optuna,” Salud Cienc. Tecnol. - Ser. Conf., 2024, doi: 10.56294/sctconf2024968.
A. D. Vibhute et al., “An LSTM‐based Novel Near‐real‐time Multiclass Network Intrusion Detection System for Complex Cloud Environments,” Concurr. Comput. Pract. Exp., 2024, doi: 10.1002/cpe.8024.
S. Alsudani and A. Ghazikhani, “Enhancing Intrusion Detection With LSTM Recurrent Neural Network Optimized by Emperor Penguin Algorithm,” Wasit J. Comput. Math. Sci., 2023, doi: 10.31185/wjcms.166.
S. F. Pratama and A. M. Wahid, “Mining Public Sentiment and Trends in Social Media Discussions on Indonesian Presidential Candidates Using Support Vector Machines,” J. Digit. Soc., vol. 1, no. 2, Art. no. 2, Jun. 2025, doi: 10.63913/jds.v1i2.8.
Y. Li, R. Zhang, P. Zhao, and Y. Wei, “Feature-Attended Federated LSTM for Anomaly Detection in the Financial Internet of Things,” Appl. Sci., 2024, doi: 10.3390/app14135555.
T. Arjunan, “Real-Time Detection of Network Traffic Anomalies in Big Data Environments Using Deep Learning Models,” Int. J. Res. Appl. Sci. Eng. Technol., vol. 12, no. 3, pp. 844–850, 2024, doi: 10.22214/ijraset.2024.58946.
Y. Zhang, J. Wang, Y. Chen, H. Yu, and T. Qin, “Adaptive Memory Networks With Self-Supervised Learning for Unsupervised Anomaly Detection,” Ieee Trans. Knowl. Data Eng., 2023, doi: 10.1109/tkde.2021.3139916.
Y. Fan, L. Zhang, and K. Li, “AE-BiLSTM: Multivariate Time-Series EMI Anomaly Detection in 5g-R High-Speed Rail Wireless Communications,” 2024, doi: 10.1109/iccworkshops59551.2024.10615719.
Y. Shao et al., “An Improved BGE-Adam Optimization Algorithm Based on Entropy Weighting and Adaptive Gradient Strategy,” Symmetry, 2024, doi: 10.3390/sym16050623.
D. Shulman, “Optimization Methods in Deep Learning: A Comprehensive Overview,” 2023, doi: 10.48550/arxiv.2302.09566.
G. Li and Y. Dai, “Time Series Anomaly Detection Using LSTM and Attention,” 2024, doi: 10.1117/12.3035015.
Additional Files
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Khabib Adi Nugroho, Taqwa Hariguna, Azhari Shouni Barkah
This work is licensed under a Creative Commons Attribution 4.0 International License.
