
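% Journal article: Transformer-based network intrusion detection system (IDS).
% The precision/recall, false-alarm and latency figures quoted in the abstract are
% the paper's own results on benchmark datasets (UNSW-NB15, CIC-IDS2017, NSL-KDD)
% and in a simulated SDN controller; the abstract itself states that accuracy
% degrades under FGSM/PGD attacks and is only partially recovered by adversarial
% training.
% Abstract text: percent signs are escaped and the tilde is written as a text
% macro so the field survives a LaTeX pass; typographic quotes and dashes are
% given in ASCII LaTeX form for classic BibTeX compatibility.
@article{jcs.2025.067979,
  author   = {Cheng, Junzhe},
  title    = {Deep Learning-Driven Intrusion Detection and Defense Mechanisms: A Novel Approach to Mitigating Cyber Attacks},
  journal  = {Journal of Cyber Security},
  volume   = {7},
  number   = {1},
  pages    = {343--357},
  year     = {2025},
  issn     = {2579-0064},
  doi      = {10.32604/jcs.2025.067979},
  url      = {http://www.techscience.com/JCS/v7n1/63781},
  abstract = {We present a novel Transformer-based network intrusion detection system (IDS) that automatically learns complex feature relationships from raw traffic. Our architecture embeds both categorical (e.g., protocol, flag) and numerical (e.g., packet count, duration) inputs into a unified latent space with positional encodings, and processes them through multi-layer multi-head self-attention blocks. The Transformer's global attention enables the IDS to capture subtle, long-range correlations in the data (e.g., coordinated multi-step attacks) without manual feature engineering. We complement the model with extensive data augmentation (SMOTE, GANs) to mitigate class imbalance and improve robustness. In evaluation on benchmark datasets (UNSW-NB15, CIC-IDS2017, NSL-KDD), the Transformer-IDS achieves {\textasciitilde}99\% precision and recall, significantly outperforming a CNN baseline and matching or exceeding recent deep-learning IDS methods. We conduct ablation studies to quantify the impact of design choices (number of attention heads, layers, attention type), and perform explainability analysis using SHAP values and attention-weight heatmaps to identify which features drive decisions. We also assess adversarial robustness, showing that the model's accuracy degrades under FGSM/PGD attacks but can be partially recovered with adversarial training (drawn from trends in vision models). Finally, we evaluate real-time mitigation, integrating our IDS in a simulated SDN controller to measure detection latency and false-intercept rates under live traffic. Our results show the system can flag >98\% of attacks with <1\% false alarms, in {\textasciitilde}1--2 ms per flow, making it practical for deployment. This work advances IDS research by combining high accuracy with transparency and robustness to unseen threats.},
}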



