The Zoneout Regularized Gated Recurrent Unit Algorithm for Network Intrusion Detection with Class Imbalance Mitigation
Received: 5 May 2025 | Revised: 12 May 2025 and 27 May 2025 | Accepted: 31 May 2025 | Online: 7 June 2025
Corresponding author: K. Mala
Abstract
This study used a Zoneout-Regularized Gated Recurrent Unit (ZR-GRU) to enhance the effectiveness of Network Intrusion Detection Systems (NIDSs) by maintaining long-term temporal patterns and reducing the risk of overfitting. In contrast to traditional models, ZR-GRU incorporates zoneout regularization to improve generalization over diverse network traffic patterns. To address the prevalent issue of class imbalance in network security datasets, the model integrates the Synthetic Minority Oversampling Technique (SMOTE) for oversampling minority classes and NearMiss for undersampling majority classes, promoting balanced class representation. The model was evaluated on three widely used benchmark datasets, UNSW-NB15, CICIDS 2018, and CIC-DDoS 2019, chosen due to their realistic network traffic characteristics and the diverse range of contemporary attack types. ZR-GRU achieved high accuracy rates of 99.91%, 99.92%, and 99.14% on these datasets, outperforming traditional architectures. The findings highlight the strength, flexibility, and effectiveness of the model for real-time and adaptive intrusion detection in diverse network settings.
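To make the zoneout idea named in the abstract concrete, here is an added illustration (not the authors' code or architecture) of one GRU step with zoneout: during training each hidden unit keeps its previous value with some probability, and at inference the expected mix is used. The hidden size, zoneout rate, random untrained weights and the sample flow features are all assumptions made for this example.

```python
import math
import random

def _sigmoid(v):
    return 1.0 / (1.0 + math.exp(-v))

def _affine(W, U, b, x, h):
    # One gate's pre-activation: W.x + U.h + b, computed row by row.
    return [sum(w * xi for w, xi in zip(wr, x)) +
            sum(u * hi for u, hi in zip(ur, h)) + bi
            for wr, ur, bi in zip(W, U, b)]

def gru_step(p, x, h_prev):
    """Plain GRU update: returns the proposed next hidden state."""
    z = [_sigmoid(v) for v in _affine(p["Wz"], p["Uz"], p["bz"], x, h_prev)]
    r = [_sigmoid(v) for v in _affine(p["Wr"], p["Ur"], p["br"], x, h_prev)]
    gated = [ri * hi for ri, hi in zip(r, h_prev)]
    cand = [math.tanh(v) for v in _affine(p["Wh"], p["Uh"], p["bh"], x, gated)]
    return [(1 - zi) * hi + zi * ci for zi, hi, ci in zip(z, h_prev, cand)]

def zoneout_gru_step(p, x, h_prev, rate, training, rng):
    """Zoneout: each unit keeps its previous value with probability `rate`."""
    h_new = gru_step(p, x, h_prev)
    if training:
        keep = [rng.random() < rate for _ in h_prev]
        return [hp if k else hn for k, hp, hn in zip(keep, h_prev, h_new)]
    # Inference is deterministic: use the expected value of the mask.
    return [rate * hp + (1 - rate) * hn for hp, hn in zip(h_prev, h_new)]

def init_params(n_in, n_hid, rng):
    def mat(rows, cols):
        return [[rng.uniform(-0.5, 0.5) for _ in range(cols)] for _ in range(rows)]
    p = {}
    for g in "zrh":
        p["W" + g], p["U" + g], p["b" + g] = mat(n_hid, n_in), mat(n_hid, n_hid), [0.0] * n_hid
    return p

def run_sequence(p, seq, n_hid, rate, training, seed=0):
    rng, h = random.Random(seed), [0.0] * n_hid
    for x in seq:
        h = zoneout_gru_step(p, x, h, rate, training, rng)
    return h

# Constructed sample: 4 time steps of 3 scaled flow features (duration, bytes, packets).
SAMPLE_SEQ = [[0.1, 0.8, 0.3], [0.2, 0.9, 0.4], [0.1, 0.1, 0.0], [0.9, 0.7, 0.6]]
PARAMS = init_params(3, 4, random.Random(1))  # untrained, randomly initialised weights
```

Unlike dropout, a zoned-out unit is not set to zero: it carries its earlier value forward unchanged, which is the mechanism behind preserving longer temporal context while still injecting noise during training.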
Keywords:
gated recurrent unit, network intrusion detection system, near miss, synthetic minority oversampling technique, zoneout regularization
License
Copyright (c) 2025 K. Mala, H. S. Annapurna

This work is licensed under a Creative Commons Attribution 4.0 International License.
