scieee Science in your language
[en] (orig)

An Efficient system based on Artificial Intelligence for the Detection and Mitigation of network Intrusion using encrypted traffic protocols: A Systematic Approach

Author: Annual Methodological Archive Research Review (AMARR)
Publisher: Zenodo
DOI: 10.5281/zenodo.17551668
Source: https://zenodo.org/records/17551668/files/Muhammad+Waleed+Khawar+et+al..pdf
h p://am esea ch e iew.com/index.php/Jou nal/abou
32
DOI: A ailabili y
h p://am esea ch e iew.com/index.php/Jou nal/abou
Volume 3, Issue 11 (2025)
1*Muhammad Waleed Khawa , 2Nasi Ayub, Sam a Shaheen, 3Beenish I ikha , Haj a Masood, Amma Ahmad,
Hamayun Khan
An E icien sys em based on A i icial In elligence o he De ec ion and Mi iga ion o
ne wo k In usion using enc yp ed a ic p o ocols: A Sys ema ic App oach
A icle De ails
A
B
S
T
R
A
C
T
Keywo ds: Machine Lea ning, Deep Neu al
Ne wo k, CNN, P edic ion models, In e ne o
Things, Th ea De ec ion, Ne wo ks
Muhammad Waleed Khawa *
(Co esponding Au ho )
Depa men o In o ma ion Technology, Inno a
Ne wo ks, Laho e, 54000, Pakis an
waleedkhawa [email protected]
Nasi Ayub
Depu y Head o Enginee ing Cal om Limi ed,
M16EG, Uni ed Kingdom
nasi .ayyub@ho mail.com
Sam a Shaheen
Depa men o In o ma ion Technology, Inno a
Ne wo ks, Laho e, 54000, Pakis an
sam [email protected]
Beenish I ikha
Depa men o Compu e Science, Facul y o
Compu e Science & IT, Supe io Uni e si y
Laho e, 54000, Pakis an
beeenishi ikha @gmail.com
Haj a Masood
Depa men o Compu e Science, Bah ia
Uni e si y Ka achi Campus, Ka achi, Pakis an
haj a.bukc@bah ia.edu.pk
Amma Ahmad
Depa men o In o ma ion Technology,
Facul y o Compu e Science & IT, Supe io
Uni e si y Laho e, 54000, Pakis an
amma ahmed99[email p o ec ed]
Hamayun Khan
Depa men o Compu e Science, Facul y o
Compu e Science & IT, Supe io Uni e si y
Laho e, 54000, Pakis an
hamayun.khan@supe io .edu.pk
In usion de ec ion is a c ucial aspec o cybe secu i y, as a acke s inc easingly
exploi enc yp ed a ic o conceal hei malicious ac i i ies. While enc yp ion
enhances p i acy and con iden iali y, i also limi s he e ec i eness o
adi ional In usion De ec ion Sys ems (IDS), which p ima ily ely on
inspec ing he payload. Ye , hese cu -edge echnologies come wi h daily
disas ous, e e -inc easing cybe a acks on sensi i e da a in he IoT-based
en i onmen . Hence, he e is a con inued need o g oundb eaking s eng hs o
AI-based models o de elop and implemen in usion de ec ion sys ems (IDSs)
o a as and mi iga e hese ugly cybe - h ea s wi h IoT-based sys ems.
The e o e, his chap e discusses he secu i y issues wi hin IoT-based
en i onmen s and he applica ion o AI models o secu i y and p i acy in IoT-
based o a secu e ne wo k. The a icle p oposes a hyb id AI-model amewo k
o in usion de ec ion in an IoT-based en i onmen using CIC-IDS2017and
UNSW-NB15 o es he p oposed model's pe o mance. The model pe o med
be e wi h an accu acy o 99.45%, wi h a de ec ion a e o 99.75%. The esul s
om he p oposed model show ha he classi ie pe o ms a be e when
compa ed wi h exis ing wo k using he same da ase s, hus p o ing mo e
e ec i e in he classi ica ion o in ude s and a acke s on IoT-based sys ems.
A i icial In elligence (AI)-based app oaches o in usion de ec ion in enc yp ed
ne wo k a ic, u ilizing Machine Lea ning (ML) and Deep Lea ning (DL)
me hods ha lea n beha io al and s a is ical pa e ns, a he han elying solely
on packe con en s. Models such as Suppo Vec o Machines (SVM), Random
Fo es (RF), Con olu ional Neu al Ne wo ks (CNN), and Recu en Neu al
Ne wo ks (RNN) a e examined in he con ex using s anda d da ase s, such as
CICIDS2017, NSL-KDD, and UNSW-NB15. The a icle shows he he
s eng hs o hese models, wi h a pa icula ocus on scalabili y challenges, alse
posi i e a es, and adap abili y in eal- ime enc yp ed en i onmen s.
Fu he mo e, he s udy iden i ies c i ical esea ch gaps, including he sca ci y o
upda ed enc yp ed da ase s, he need o explainable AI (XAI) o enhance us
and anspa ency, and he po en ial o hyb id de ec ion amewo ks ha
combine hos - and ne wo k-le el pe spec i es. Wi h he ise o cloud se ices,
In e ne o Things (IoT) de ices, and i ualiza ion echnologies, he cybe a ack
su ace has expanded signi ican ly, c ea ing mo e isks o o ganiza ions
O e all, his a icle consolida es cu en app oaches, emphasizes open
challenges, and ou lines u u e di ec ions o de eloping e icien , scalable, and
in elligen IDS capable o secu ing mode n enc yp ed ne wo k
h p://am esea ch e iew.com/index.php/Jou nal/abou
Online ISSN P in ISSN
3007-3197 3007-3189
h p://am esea ch e iew.com/index.php/Jou nal/abou
Volume 3, Issue 11 (2025)
`
33
40
1. INTRODUCTION
In o ma ion and Communica ion Technology (ICT) sys ems ha e become he ounda ion o he
digi al age, suppo ing i al se ices in heal hca e, inance, educa ion, go e nmen , and business.
These sys ems con inuously handle sensi i e and con iden ial da a, making hem highly
a ac i e o cybe c iminals and malicious inside s [1]. A acks on ICT sys ems can be launched
manually o au oma ically, and ad e sa ies o en use ad anced echniques such as enc yp ion,
polymo phism, and ob usca ion o bypass adi ional de enses. The impac o hese a acks is
se e e. Fo example, Yahoo’s da a b each led o losses o a ound $350 million, while a Bi coin-
ela ed b each caused damages o nea ly $70 million [2]. These de elopmen s unde sco e he
p essing need o in elligen , adap i e, and scalable secu i y mechanisms. One o he mos widely
used de ense mechanisms in his con ex is he In usion De ec ion Sys em (IDS) [3].. Enc yp ed
a ic makes adi ional Deep Packe Inspec ion (DPI) ine ec i e because he payload is hidden
and canno be analyzed di ec ly. Ins ead o elying on con en inspec ion, A i icial In elligence
(AI) echniques can de ec h ea s by analyzing me ada a ea u es such as packe size, iming, and
low pa e ns, as well as empo al dependencies in a ic beha io . This shi highligh s AI’s ole
in p o iding adap i e de ec ion in enc yp ed en i onmen s whe e con en ional IDS app oaches
ail [4].
1.1 In usion De ec ion Sys ems (IDS) and Ne wo k-based IDS (NIDS)
In usion De ec ion Sys ems (IDS) a e usually di ided in o wo ca ego ies: Ne wo k-based IDS
(NIDS) and Hos -based IDS (HIDS) [5]. NIDS moni o s ne wo k a ic passing h ough ou e s,
swi ches, and i ewalls, p o iding a comp ehensi e iew o malicious ac i i y. Howe e , i aces
challenges when mos a ic is enc yp ed, since payloads canno be inspec ed di ec ly [6]. HIDS,
in con as , ope a es by moni o ing ac i i ies on a speci ic hos , including log iles, sys em calls,
and p ocesses. While i p o ides de ailed local isibili y, i canno iden i y la ge-scale o
coo dina ed ne wo k a acks [7]. Due o hese indi idual weaknesses, many mode n en e p ises
ely on hyb id IDS a chi ec u es ha combine NIDS and HIDS o p o ide bo h ne wo k-wide
and hos -le el de ec ion capabili ies. IDS pe o mance s ongly depends on he de ec ion s a egy
applied. The h ee mos common echniques a e signa u e-based, anomaly-based, and s a e ul
p o ocol analysis [8]. A signa u e-based IDS unc ions by de ec ing in usions h ough he
compa ison o cu en ne wo k ac i i ies wi h p e iously eco ded a ack signa u es. They a e
highly accu a e o de ec ing es ablished h ea s, bu ail agains ze o-day a acks o unknown
malwa e. Anomaly-based IDS iden i ies po en ial in usions by i s s udying he ypical pa e ns
o sys em beha io and hen de ec ing any changes om hese pa e ns as suspicious ac i i y [9,
10]. Al hough his allows hem o iden i y p e iously unseen h ea s, hey o en su e om a
high a e o alse posi i es. S a e ul p o ocol analysis e alua es a ic agains p ede ined endo
speci ica ions ac oss mul iple laye s[11, 12]. This makes de ec ion mo e accu a e bu equi es
conside able compu a ional esou ces and an expe se up.
Eq (1)
Signa u e-based sys ems a e p ecise when iden i ying al eady known h ea s, bu hei
dependence on con inuously upda ed signa u es makes hem less e ec i e agains no el o ze o-
day a acks. Anomaly-based sys ems, in con as , a e mo e adap i e, as hey can ecognize
h p://am esea ch e iew.com/index.php/Jou nal/abou
Volume 3, Issue 11 (2025)
`
34
40
unusual ac i i ies ha may signal new o ms o in usion. Howe e , hei majo d awback is he
endency o gene a e excessi e alse ala ms, which educes hei eliabili y in p ac ice[13, 14].
Table 1 illus a es ha in usion de ec ion me hods exhibi a ying e ec i eness depending on
he ype o a ack and ope a ional en i onmen .
Table 1. Compa ison o IDS De ec ion App oaches
Me hod
S eng hs
Weaknesses
Applica ions
Re
Signa u e-based
Accu a e o known
h ea s and low alse
ala ms
Fails o ze o-day
a acks, and equen
upda es a e needed
Malwa e
de ec ion
[15]
Anomaly-based
De ec s new/unknown
in usions
High alse posi i es;
esou ce-in ensi e
Eme ging h ea s
[16]
S a e ul P o ocol
Analysis
Mul i-laye and p o ocol-
awa e de ec ion
High compu a ional
cos ; complex o deploy
En e p ise
ne wo ks
[17]
S a e ul p o ocol analysis o e s a deepe and mo e s uc u ed iew o a ic beha io , making i
pa icula ly sui able o en e p ise-le el ne wo ks whe e accu acy is c ucial. A he same ime, i s
demand o compu a ional esou ces and con igu a ion expe ise makes i challenging o deploy
widely. The compa ison sugges s ha no single echnique is su icien on i s own, and combining
mul iple app oaches o en yields s onge in usion de ec ion capabili ies[18, 19].
Figu e 1. E olu ion o IDS App oaches [20]
Figu e 1 illus a es ha an IDS se ice ope a es by analyzing incoming a ic wi h he aid o a
knowledge base (CIDD) and hen de e mining whe he i is no mal o malicious. The analyze
componen inspec s he da a, while he ale sys em gene a es wa nings i suspicious ac i i y is
de ec ed. T a ic iden i ied as legi ima e is o wa ded as e e yday ne wo k communica ion,
ensu ing ha ha m ul ac i i ies a e il e ed ou be o e eaching he sys em. This s uc u e
highligh s he undamen al wo k low o IDS in sepa a ing sa e a ic om po en ial h ea s [21].
Eq (2)
h p://am esea ch e iew.com/index.php/Jou nal/abou
Volume 3, Issue 11 (2025)
`
35
40
Eq (3)
1.3 Impac o Enc yp ion on IDS
The apid g ow h o enc yp ion p o ocols, such as TLS 1.3, QUIC, HTTPS, and DNS-o e -
HTTPS, has undamen ally eshaped he ne wo k secu i y landscape, making in usion de ec ion
inc easingly complex and challenging [22]. Enc yp ion is widely ega ded as essen ial o
ensu ing con iden iali y, da a in eg i y, and use p i acy in digi al communica ion. I p e en s
ea esd opping and p o ec s sensi i e in o ma ion such as inancial ansac ions, pe sonal eco ds,
and en e p ise communica ions om being in e cep ed by ad e sa ies. Howe e , he exac
p ope y ha makes enc yp ion aluable also educes he isibili y o ne wo k moni o ing ools.
T adi ional echniques, such as Deep Packe Inspec ion (DPI), which ely on analyzing he
payload o packe s, a e no longe e ec i e because he con en s o enc yp ed s eams emain
hidden om inspec ion [23, 24].
A emp ing la ge-scale dec yp ion o egain isibili y is no a easible solu ion. Dec yp ion
equi es signi ican compu a ional esou ces, which inc ease ope a ional cos s and in oduce
delays ha can slow down communica ion [25]. Mo eo e , dec yp ing a ic a scale aises
se ious p i acy conce ns and may con lic wi h amewo ks such as GDPR, HIPAA, o na ional
da a p o ec ion laws, making i unsui able o eal-wo ld deploymen . Consequen ly, esea che s
ha e shi ed owa d al e na i e s a egies ha do no equi e dec yp ion [26, 27]. Me ada a-based
app oaches, o example, analyze obse able ea u es like packe sizes, in e -a i al imes, bu s
pa e ns, and low du a ions.
These indica o s, al hough indi ec , can e eal abno mal pa e ns o beha io ha a e o en
associa ed wi h malicious ac i i ies, such as bo ne communica ions, unneling, o denial-o -
se ice a acks [28]. Table 2 illus a es he challenges enc yp ion in oduces o in usion
de ec ion. While p o ocols like TLS 1.3, QUIC, VPN, and DoH/DoT enhance con iden iali y and
sa egua d use p i acy, hey also limi he isibili y o IDS ools by concealing packe payloads.
As a esul , IDS solu ions mus ely on indi ec indica o s such as packe sizes, iming pa e ns,
h p://am esea ch e iew.com/index.php/Jou nal/abou
Volume 3, Issue 11 (2025)
`
36
40
session du a ion, and low cha ac e is ics.
Eq (7)
These ea u es can e eal unusual communica ion beha io s, bu hey a ely p o ide he
comple e con ex equi ed o accu a e de ec ion [29]. Fo ins ance, TLS 1.3 educes access o
handshake de ails, QUIC complica es s a e ul analysis, and VPNs comple ely mask in e nal
a ic lows. Simila ly, enc yp ed DNS que ies p e en he iden i ica ion o malicious domains
h ough adi ional DNS moni o ing. The able highligh s he ade-o be ween main aining
p i acy and ensu ing adequa e secu i y, unde sco ing he need o no el IDS s a egies ha
balance bo h equi emen s [30].
Table 2. Enc yp ed P o ocols and IDS Visibili y
Me hod
S eng hs
Weaknesses
Applica ions
Re
P o ocol
Visibili y Challenge
Obse able Fea u es
IDS Limi a ion
[31]
TLS 1.3
Enc yp s mos handshakes;
emo es s a ic keys
Packe size, iming, SNI
(i isible)
Payload
una ailable
[32, 33]
QUIC
Combines anspo + c yp o;
suppo s 0-RTT
Flow RTT, bu s size,
ini ial packe s
Ha d o pe o m
s a e ul analysis
[34]
VPN
(SSL/IPsec)
Hides in e nal a ic in
enc yp ed unnels
Tunnel du a ion, by e
coun s, endpoin s
No isibili y in o
inne lows
[35, 36]
DoH/DoT
Enc yp s DNS que ies
Que y cadence, eques
size
Blocks DNS-
based h ea
de ec ion
[37, 38]
1.4 Use o A i icial In elligence in IDS
A i icial In elligence (AI) has become a co ne s one in he e olu ion o In usion De ec ion
Sys ems (IDS), p o iding inno a i e solu ions o o e come he limi a ions o adi ional
de ec ion echniques. Ea ly app oaches elied hea ily on manually enginee ed ea u es and
s a is ical a ic analysis, which equi ed signi ican domain expe ise and o en ailed o
gene alize ac oss di e se a ack scena ios. Wi h he in oduc ion o Machine Lea ning (ML),
algo i hms such as Suppo Vec o Machines (SVM), Random Fo es (RF), Decision T ees (DT),
and k-Nea es Neighbo s (k-NN) we e employed o iden i y ypes o ne wo k a ic by s udying
labeled da ase s [39]. These models demons a ed imp o ed de ec ion pe o mance compa ed o
signa u e-based sys ems, pa icula ly in iden i ying unknown o sligh ly modi ied a acks.
Howe e , hey s ill depended hea ily on ea u e enginee ing, which limi ed scalabili y and
adap abili y o new en i onmen s. The a i al o Deep Lea ning (DL) ma ked a signi ican
u ning poin in IDS esea ch. DL models a e capable o au oma ically ex ac ing hie a chical
and hidden pa e ns om aw da a, while educing he need o manual ea u e design [40].
Con olu ional Neu al Ne wo ks (CNNs), o example, ha e been help ul o a ic classi ica ion
by analyzing spa ial dependencies in packe sequences. A he same ime, Recu en Neu al
Ne wo ks (RNNs) and Long Sho -Te m Memo y (LSTM) models a e highly e ec i e in
modeling sequen ial and ime-dependen pa e ns in a ic lows [41, 42]. Mo e ecen ly,

h p://am esea ch e iew.com/index.php/Jou nal/abou
Volume 3, Issue 11 (2025)
`
37
40
T ans o me models ha use sel -a en ion echniques ha e been explo ed o hei abili y o
cap u e con ex ual ela ionships ac oss long sequences o da a, making hem sui able o
de ec ing complex, mul i-s age cybe a acks. Beyond ne wo k-le el de ec ion, AI has also been
applied a he hos le el [43]. Na u al Language P ocessing (NLP) echniques ea sys em calls
o log da a as sequences, enabling IDS o model p og am beha io simila ly o language
modeling, he eby imp o ing de ec ion o s eal hy and p ocess-le el in usions. Toge he , hese
AI-d i en app oaches demons a e signi ican po en ial o adap i e, scalable, and in elligen
in usion de ec ion [44].
1.5 Challenges in AI-Based IDS
While AI-d i en IDS ep esen s a signi ican leap o wa d, se e al un esol ed challenges
con inue o hinde widesp ead adop ion in eal-wo ld en i onmen s. One o he mos pe sis en
issues is he high numbe o alse posi i es, whe e egula a ic is inco ec ly iden i ied as
malicious. Excessi e alse ala ms no only e ode analys us bu also o e whelm secu i y eams,
was ing esou ces on unnecessa y in es iga ions. Ano he majo limi a ion a ises om da ase
dependency [45, 46]. Mos IDS esea ch elies on publicly a ailable da ase s, such as NSL-KDD,
CICIDS2017, and UNSW-NB15. Al hough hese da ase s ha e suppo ed benchma king and
compa a i e s udies, hey emain limi ed in scope and ail o cap u e he scale, enc yp ion
di e si y, and cons an ly e ol ing na u e o eal-wo ld a ic. As a esul , models ained on
hese da ase s o en igh o simpli y when deployed in li e en i onmen s.
Scalabili y u he complica es he deploymen o AI-based IDS. Mode n en e p ise and IoT
ne wo ks gene a e as amoun s o high-speed a ic, and many deep lea ning models lack he
e iciency o p ocess his da a in eal- ime [47]. Resou ce cons ain s make i challenging o
apply la ge DL a chi ec u es wi hou signi ican ha dwa e in es men s. Addi ionally,
in e p e abili y emains a p essing conce n. Mos deep lea ning models ope a e as ―black boxes,‖
p oducing highly accu a e ou pu s wi hou p o iding clea explana ions o jus i ica ions o hei
decisions. In a domain like cybe secu i y, whe e accoun abili y and explainabili y a e c ucial,
his lack o anspa ency educes he us o secu i y analys s and slows inciden esponse [48,
49].
Figu e 2. Wo k low o AI-Based IDS [50].
Figu e 2 illus a es he wo k low o an AI-based IDS, showing how he model in e ac s wi h bo h
h p://am esea ch e iew.com/index.php/Jou nal/abou
Volume 3, Issue 11 (2025)
`
38
40
ad e sa ial h ea s and de ensi e mechanisms. A ack ec o s such as poisoning, in e ence,
ex ac ion, and e asion highligh he ulne abili ies o IDS, while coun e measu es like poison
de ec ion, ad e sa ial aining, and ce i ica ion s eng hen i s esilience. This amewo k
emphasizes he ongoing balance be ween e ol ing cybe a acks and in elligen de ense
s a egies. To add ess hese ba ie s, esea che s a e explo ing ede a ed lea ning o educe
da ase dependency, ans e lea ning o use p e- ained models o new h ea s, and Explainable
AI (XAI) o p o ide in e p e abili y o model p edic ions [51, 52]. As shown in Table 3, se e al
c i ical challenges hinde he e ec i eness o AI-d i en IDS, along wi h he s a egies cu en ly
being explo ed o mi iga e hem. One o he mos p essing issues is he high numbe o alse
posi i es, which educes analys us and was es aluable esou ces. Con ex -awa e deep
lea ning models add ess his by lea ning iche a ic pa e ns, he eby minimizing unnecessa y
ale s. Ano he limi a ion is da ase dependency, as mos IDS models we e ained on ou da ed o
es ic ed da ase s ha ailed o e lec he complexi y o mode n ne wo ks [53]. Fede a ed and
ans e lea ning app oaches p o ide al e na i es by enabling models o adap o di e se
en i onmen s wi hou equi ing cen alized da ase s. Scalabili y is also a key conce n, as
en e p ise and IoT ne wo ks gene a e as amoun s o high-speed a ic ha many deep lea ning
models s uggle o p ocess in eal- ime. Pa allel and dis ibu ed lea ning amewo ks a e being
in oduced o imp o e e iciency in such scena ios. Fu he mo e, enc yp ed a ic conceals
payload in o ma ion, bu me ada a-based ea u e lea ning o e s pa ial isibili y h ough low-
le el cha ac e is ics [54]. Finally, he lack o in e p e abili y in deep models limi s analys us , a
challenge being add essed h ough Explainable AI (XAI) echniques ha make model ou pu s
mo e anspa en . Collec i ely, he able illus a es ha while AI o e s powe ul ools o IDS,
p ac ical deploymen equi es add essing hese ongoing challenges [55].
Table 3. Challenges in Enc yp ed T a ic De ec ion and AI-Based Solu ions
Challenge
Limi a ions o Cu en IDS
AI-Based Solu ion
Re
High alse posi i es
Too many alse ala ms o analys s
Con ex -awa e DL models
educe noise
[56]
Da ase dependency
Poo gene aliza ion ac oss
ne wo ks
T ans e lea ning and
ede a ed lea ning
[57]
Scalabili y
S uggles wi h high-speed lows
Pa allel and dis ibu ed
deep lea ning amewo ks
[58]
Enc yp ed a ic
Hidden payloads, p i acy conce ns
Me ada a-based ea u e
lea ning
[59]
In e p e abili y
Models ac as black boxes
Explainable AI (XAI)
echniques
[60]
1.6 Hyb id and Compa a i e App oaches
Hyb id In usion De ec ion Sys ems (IDSs) ha e eme ged as a p omising solu ion o o e come
he limi a ions o sepa a e me hods by combining he s eng hs o bo h Ne wo k-based IDS
(NIDS) and Hos -based IDS (HIDS) wi h ad anced A i icial In elligence echniques. T adi ional
NIDS p o ide wide isibili y ac oss ne wo k a ic, while HIDS o e de ailed insigh s a he
sys em le el, such as moni o ing p ocesses, log ac i i ies, and sys em calls. By me ging hese
wo pe spec i es, hyb id IDS amewo ks c ea e a mo e holis ic de ec ion mechanism ha can
iden i y bo h ex e nal and in e nal h ea s wi h highe accu acy. A no able example o such
in eg a ion is he Scale-Hyb id-IDS-Ale -Ne (SHIA), which uses hos -le el and ne wo k-le el
h p://am esea ch e iew.com/index.php/Jou nal/abou
Volume 3, Issue 11 (2025)
`
39
40
da a wi h deep lea ning algo i hms o p o ide scalable, eal- ime de ec ion o malicious ac i i ies
[61, 62]. This dis ibu ed a chi ec u e enables SHIA o handle la ge olumes o a ic while
main aining de ec ion accu acy, making i sui able o en e p ise-le el en i onmen s. In addi ion
o s uc u al hyb ids, esea ch has also explo ed he combina ion o di e en analy ical me hods.
Fo ins ance, Na u al Language P ocessing (NLP)-based IDS applied o hos moni o ing ea s
sys em calls as sequen ial pa e ns, allowing de ec ion o s eal hy in usions ha migh o he wise
bypass signa u e-based o anomaly-based echniques. Such me hods highligh he alue o c oss-
disciplina y app oaches, whe e ideas om AI sub ields, such as NLP o ein o cemen lea ning,
can be applied o cybe secu i y challenges [63, 64]. To be e unde s and he dis inc ions in
analy ical powe and p ac ical applica ion, esea che s ha e conduc ed compa a i e s udies
be ween classical Machine Lea ning (ML) and mode n Deep Lea ning (DL) me hods. ML
models such as SVM and Random Fo es p o ide in e p e abili y and lowe compu a ional cos s,
bu hey o en depend p o oundly on ea u e enginee ing. Deep Lea ning models, such as CNNs,
RNNs, and T ans o me s, on he o he hand, can au oma ically ex ac ea u es and cap u e
complex spa ial, empo al, and con ex ual dependencies in a ic lows, albei a he cos o
highe esou ce demands [65]. As p esen ed in Table 4, machine lea ning (ML) and deep
lea ning (DL) app oaches in IDS each ha e dis inc s eng hs and weaknesses. ML echniques
such as SVM, Random Fo es , and k-NN a e alued o hei e iciency, lowe compu a ional
equi emen s, and in e p e abili y, which makes hem sui able o esou ce-cons ained
en i onmen s o scena ios whe e anspa ency is c i ical. Howe e , hei dependence on
manually designed ea u es es ic s hei e ec i eness agains mode n, complex
cybe a acks[66, 67]. On he o he hand, DL models—including CNNs, RNNs, LSTMs, and
T ans o me s—excel a au oma ically ex ac ing spa ial, empo al, and con ex ual ea u es om
aw a ic, allowing hem o ecognize complex a ack pa e ns and enc yp ed h ea s wi h highe
accu acy. Despi e hese ad an ages, DL app oaches demand signi ican compu a ional esou ces
and o en ac as ―black boxes,‖ as hey do no clea ly explain how hey make decisions. This
ade-o highligh s a clea dis inc ion: ML emains p ac ical o smalle -scale o in e p e able
applica ions. A he same ime, DL is mo e e ec i e o la ge-scale, high-accu acy in usion
de ec ion in mode n ne wo k en i onmen s [68].
Table 4. Compa ison o ML and DL App oaches in IDS
App oach
Example Models
S eng hs
Weaknesses
Re
ML
SVM, Random Fo es , k-NN
Requi es ewe
esou ces; easy o
in e p e
Needs manual ea u e
enginee ing; less e ec i e on
complex da a
[69]
DL
CNN, RNN, LSTM,
T ans o me s
Lea ns pa e ns
au oma ically;
handles la ge da a
Requi es mo e compu a ion;
low in e p e abili y
[70]
Con en ional IDS app oaches, such as signa u e-based and anomaly-based de ec ion, we e
p ac ical in ea lie , less complex en i onmen s; howe e , hey now s uggle o cope wi h he
scale, di e si y, and sophis ica ion o mode n cybe a acks. Wi h mo e han 90% o global
in e ne a ic expec ed o be enc yp ed, elying on payload inspec ion has become imp ac ical,
lea ing o ganiza ions ulne able o hidden a acks ha pass h ough unde ec ed. This eali y
unde sco es he u gen need o in elligen , AI-d i en sys ems ha can analyze enc yp ed a ic
h p://am esea ch e iew.com/index.php/Jou nal/abou
Volume 3, Issue 11 (2025)
`
40
40
while main aining e iciency, accu acy, and compliance wi h p i acy egula ions. E alua es
benchma k da ase s, such as CICIDS2017, UNSW-NB15, and ADFA-LD, iden i ying hei
s eng hs and weaknesses in e ms o ealism, scalabili y, and ep esen a i eness. Addi ionally, i
examines he po en ial o hyb id IDS amewo ks ha combine bo h NIDS and HIDS, as well as
he signi icance o explainable AI (XAI) in enhancing analys us and sys em anspa ency [71,
72]. By add essing pe sis en issues such as da ase dependency, scalabili y, alse posi i e a es,
and in e p e abili y, his pape se s a di ec ion o he nex gene a ion o IDS. In conclusion,
while he dominance o enc yp ed p o ocols has weakened he e ec i eness o adi ional
payload-based inspec ion, AI-based IDS, pa icula ly hose using hyb id and explainable models,
o e a p omising pa hway. Despi e ongoing challenges ela ed o scalabili y, us , and da ase
di e si y, he s eady p og ess in ML, DL, and hyb id amewo ks p o ides a s ong ounda ion
o building e icien and in elligen IDS capable o sa egua ding mode n digi al in as uc u e
[73].
1.8 Pape O ganiza ion
The emainde o his pape is o ganized as ollows. Sec ion 2 p esen s a comp ehensi e
li e a u e e iew, acing he e olu ion o in usion de ec ion sys ems om adi ional app oaches
o AI-based me hods, while also add essing he challenges posed by enc yp ion, da ase
limi a ions, and scalabili y issues. Sec ion 3 ou lines he me hodology used in his e iew,
including he selec ion c i e ia o s udies, classi ica ion schemes, and e alua ion me ics.
Sec ion 4 p esen s a compa a i e analysis o IDS app oaches, suppo ed by ables ha summa ize
s eng hs, weaknesses, da ase s, and pe o mance esul s. Sec ion 5 discusses key challenges,
iden i ies esea ch gaps, and highligh s u u e esea ch di ec ions in AI-d i en IDS. Finally,
Sec ion 6 concludes he pape by summa izing signi ican indings and ou lining
ecommenda ions o he de elopmen o scalable, in e p e able, and e ec i e IDS solu ions.
2. Li e a u e Re iew
Resea ch on In usion De ec ion Sys ems (IDS) has unde gone a ema kable de elopmen o e
he las wo decades, g adually shi ing away om ule-based models o mo e ad anced A i icial
In elligence (AI)-d i en app oaches. In he ea lies s ages, IDS we e p ima ily based on signa u e
de ec ion, also known as misuse de ec ion, whe e a ic was ma ched agains a da abase o
known a ack signa u es. These sys ems we e highly eliable o de ec ing p e iously
documen ed h ea s such as i uses, wo ms, and denial-o -se ice a acks. Thei p ima y
d awback was he ailu e o iden i y no el, unknown, o ze o-day a acks. Any no el malwa e o
a ack echnique ha lacked a p e-exis ing signa u e could comple ely bypass de ec ion, c ea ing
signi ican blind spo s in secu i y moni o ing [74].
To add ess hese sho comings, esea che s de eloped anomaly-based de ec ion sys ems. Ins ead
o elying solely on p ede ined a ack pa e ns, anomaly-based IDS c ea ed models o ―no mal‖
ne wo k beha io and lagged any signi ican a ia ions as possible in usions.
√ Eq (8)
This app oach o e ed he signi ican bene i o iden i ying p e iously unseen a acks, making i
mo e lexible han signa u e-based de ec ion. Howe e , anomaly-based de ec ion also comes
wi h pa icula challenges. I was o en p one o gene a ing high alse posi i e a es,
o e whelming secu i y analys s wi h unnecessa y ale s. In la ge-scale en e p ise ne wo ks, his
issue o alse ala ms limi ed hei p ac ical adop ion, as o ganiza ions could no alloca e
h p://am esea ch e iew.com/index.php/Jou nal/abou
Volume 3, Issue 11 (2025)
`
47
40
da ase s, such as CICIDS2017 and UNSW-NB15, a emp o simula e eal-wo ld a ic,
including DoS, DDoS, bo ne , and in il a ion a acks. CICIDS2017 is no able o inco po a ing
enc yp ed lows, while UNSW-NB15 o e s b oade a ack di e si y o en e p ise-le el
scena ios. Howe e , bo h su e om challenges such as class imbalance and limi ed scalabili y,
unde sco ing he need o da ase s ha mo e accu a ely e lec he la ge-scale and dynamic
na u e o mode n ne wo ks.
Table 5. Commonly Used IDS Da ase s and Thei Limi a ions
Da ase
Fea u es
S eng hs
Limi a ions
Re
KDDCup99
Basic TCP/IP ea u es,
connec ion logs
Benchma k o ea ly
IDS s udies
Redundan , ou da ed,
un ealis ic
[106]
NSL-KDD
Cleaned e sion o
KDDCup99
Reduced edundancy,
easie benchma king
S ill ou da ed, lacks
enc yp ion
[107]
CICIDS2017
Mode n a ic, bo ne s, DoS,
DDoS
Includes enc yp ed
lows, ealis ic mix
Imbalanced, limi ed
scalabili y
[108]
UNSW-
NB15
Simula ed en e p ise a ic
wi h a acks
B oade a ack
di e si y
Does no ully cap u e eal-
wo ld dynamics
[109]
ADFA-LD
Linux sys em call logs
Use ul o hos -le el
in usion de ec ion
Limi ed o he Linux
en i onmen
[110]
TON_IoT
IoT and SCADA a ic
Realis ic, mul i-
sou ce da a o IoT
S ill unde ea ly adop ion
[111]
Bo -IoT
IoT bo ne a acks
Co e s DDoS, DoS,
keylogging, and
in il a ion
Does no include all IoT
h ea s
[112]
F om [110-112] p esen s da ase s de eloped o add ess eme ging domains such as hos -le el
in usion de ec ion and IoT/SCADA en i onmen s. ADFA-LD ocuses on Linux sys em call
logs, making i aluable o hos -based IDS esea ch, hough i emains limi ed o a speci ic
ope a ing sys em. TON_IoT in oduces ealis ic, mul i-sou ce IoT and SCADA a ic, p o iding
a much-needed benchma k o IoT secu i y esea ch. Howe e , i is s ill in i s ea ly s ages o
adop ion wi hin he esea ch communi y. Simila ly, Bo -IoT cap u es a ange o IoT-speci ic
a ack scena ios, including DDoS, DoS, keylogging, and in il a ion; howe e , i does no
comp ehensi ely co e he ull spec um o IoT h ea s. Toge he , hese da ase s ex end he
scope o IDS e alua ion beyond adi ional en e p ise ne wo ks, add essing he g owing need o
benchma ks ha e lec he complexi y o IoT and cybe -physical sys ems.
To p o ide a consolida ed iew o ecen de elopmen s in In usion De ec ion Sys ems (IDS),
his sec ion compa es key esea ch s udies ac oss di e en app oaches, da ase s, and
pe o mance ou comes. The compa a i e able highligh s how adi ional machine lea ning
models, deep lea ning a chi ec u es, and hyb id amewo ks ha e e ol ed o add ess he
challenges posed by enc yp ed a ic, scalabili y, and explainabili y. I also e lec s he g owing
ole o mode n da ase s such as CICIDS2017 and UNSW-NB15, alongside ad anced echniques
like T ans o me s, Explainable AI (XAI), and Fede a ed Lea ning. Table 7 p esen s a
compa a i e analysis o selec ed s udies in IDS esea ch, highligh ing da ase s, me hods,
pe o mance me ics, and unique con ibu ions.
Table 5. Commonly Used IDS Models

h p://am esea ch e iew.com/index.php/Jou nal/abou
Volume 3, Issue 11 (2025)
`
48
40
Da ase s
Used
Model
Key Me ics
Main Con ibu ion
Re
Bo ne a ic
da ase
ML-based
classi ica ion
(SVM, RF)
Accu acy ~85%
Applied ML echniques o bo ne a ic
de ec ion; highligh ed ea ly ML limi a ions.
[113]
Benchma k
da ase s
(gene al)
Deep Lea ning
(CNN, RNN)
Accu acy ~88%
P o ided ounda ional deep lea ning
concep s ha la e in luenced IDS
applica ions.
[114]
Real- ime
ne wo k
aces
B o IDS sys em
High de ec ion
accu acy in eal-
ime
In oduced B o, an ea ly eal- ime IDS,
laying he ounda ion o a ic-based
in usion de ec ion.
[115]
Sys em call
aces
Sequence-based
IDS
De ec ed anomalies
in call sequences
Demons a ed sys em call sequence analysis
o anomaly de ec ion.
[116]
Unix p ocess
aces
Sel /non-sel IDS
De ec ed de ia ions
in p ocess beha io
P oposed he ―sel /non-sel ‖ model,
pionee ing anomaly de ec ion in hos
p ocesses.
[117]
Sys em call
da ase s
Pai g am-based
anomaly
de ec ion
Imp o ed de ec ion
p ecision
Modeled he equency o lookahead pai s
in sys em calls o enhance anomaly
de ec ion.
[118]
2.10 Resea ch Gap Iden i ica ion
The exis ing body o esea ch on In usion De ec ion Sys ems (IDS) demons a es signi ican
p og ess, mo ing om signa u e-based de ec ion owa d machine lea ning, deep lea ning, and
hyb id AI-d i en amewo ks. Compa a i e analyses e eal ha ad anced models, such as
CNNs, RNNs, LSTMs, and T ans o me s, ou pe o m adi ional algo i hms. Meanwhile, hyb id
NIDS–HIDS solu ions o e b oade isibili y ac oss hos and ne wo k en i onmen s. Likewise,
Explainable AI (XAI) and Fede a ed Lea ning ha e been in oduced o add ess anspa ency and
p i acy issues. Despi e hese de elopmen s, se e al c i ical gaps emain unadd essed.
Fi s , mos IDS models con inue o ely on limi ed o ou da ed da ase s such as KDDCup99 and
NSL-KDD, which ail o cap u e he scale, di e si y, and enc yp ed na u e o mode n ne wo k
a ic. E en mo e ecen da ase s, such as CICIDS2017 and UNSW-NB15, su e om class
imbalance and lack co e age o complex en e p ise o IoT en i onmen s, aising conce ns abou
he gene alizabili y o ained models. This highligh s a p essing need o la ge-scale, ealis ic,
and con inually upda ed da ase s ha accu a ely e lec eal-wo ld ne wo k dynamics.
Second, he inc easing dominance o enc yp ion has led o a loss o payload isibili y o
in usion de ec ion sys ems. T adi ional deep packe inspec ion (DPI) echniques a e now
ine ec i e, o cing esea che s o ely on me ada a and a ic low ea u es. While p omising,
hese indi ec indica o s a e o en insu icien o de ec sophis ica ed o s eal hy a acks. Thus, he
challenge o designing an IDS capable o iden i ying in usions in ully enc yp ed en i onmen s
wi hou iola ing p i acy emains la gely un esol ed.
h p://am esea ch e iew.com/index.php/Jou nal/abou
Volume 3, Issue 11 (2025)
`
49
40
FIGURE 4: Con i mable Messages Based On Ids (B) Non-Con i mable Messages Wi hou Ids
[119]
Al hough deep lea ning a chi ec u es achie e high accu acy, hey emain compu a ionally
in ensi e and o en unsui able o eal- ime deploymen in la ge en e p ises o IoT ne wo ks.
Scalabili y and e iciency issues hinde hei adop ion in p ac ice, especially whe e ligh weigh
solu ions a e equi ed. Mo eo e , he ―black-box‖ na u e o deep models con inues o es ic
hei usabili y, as secu i y analys s demand explainable ou pu s o alida e ale s and espond
e ec i ely [120]. IDS models s ill s uggle wi h alse posi i es, pa icula ly in anomaly-based
and deep lea ning app oaches. Excessi e alse ala ms no only o e whelm analys s bu also
educe us in he sys em, c ea ing ope a ional bo lenecks. Reducing alse posi i es wi hou
comp omising de ec ion accu acy emains an open challenge in IDS esea ch [121].
Finally, while hyb id a chi ec u es and ede a ed app oaches show p omise, he e is s ill limi ed
esea ch on in eg a ing hese me hods in o p ac ical, esou ce-cons ained, and p i acy-sensi i e
en i onmen s. Exis ing amewo ks o en emain a he p oo -o -concep s age, wi h li le
e idence o pe o mance in eal- ime, en e p ise-scale deploymen s [122].
2.11 Challenges and Resea ch Di ec ions
Despi e signi ican p og ess in Machine Lea ning (ML) and Deep Lea ning (DL)-based In usion
De ec ion Sys ems (IDS), se e al challenges con inue o limi hei p ac ical deploymen in eal-
wo ld en i onmen s. While AI-d i en IDS has demons a ed supe io pe o mance ela ed o
adi ional signa u e-based o anomaly-based app oaches, issues ela ed o alse posi i es, da ase
quali y, scalabili y, and explainabili y emain signi ican obs acles. Add essing hese challenges
is c i ical o mo ing om con olled expe imen al se ups o ope a ional, en e p ise-le el
adop ion [123].
A majo ongoing challenge in IDS esea ch is he la ge numbe o alse posi i es. Anomaly-
based and deep lea ning models, while e ec i e a inding ze o-day a acks, o en misclassi y
benign ac i i ies as malicious. This gene a es a lood o unnecessa y ale s, o e whelming
secu i y analys s and educing sys em eliabili y. High alse posi i e a es no only inc ease
ope a ional cos s bu also con ibu e o ―ale a igue,‖ whe e c i ical h ea s may be igno ed due
o he excessi e olume o ale s. Reducing alse posi i es wi hou sac i icing de ec ion accu acy
is he e o e one o he key goals in IDS esea ch [124].
Ano he majo challenge is he sca ci y o la ge-scale, a ied, and enc yp ed a ic da ase s.
Many exis ing da ase s, such as NSL-KDD, CICIDS2017, and UNSW-NB15, p o ide aluable
h p://am esea ch e iew.com/index.php/Jou nal/abou
Volume 3, Issue 11 (2025)
`
50
40
benchma ks, bu hey emain limi ed in scope. They usually ail o cap u e he di e si y o eal-
wo ld en e p ise en i onmen s and he complexi y in oduced by enc yp ed a ic. Fu he mo e,
class imbalance wi hin hese da ase s makes i di icul o models o lea n a e a ack ypes
success ully [125]. I IDS models a e no ained on ealis ic and cu en da ase s, hey may
o e i o con olled lab en i onmen s and ail o pe o m e ec i ely in eal-wo ld deploymen s.
This highligh s he need o new s a egies such as syn he ic da ase gene a ion using Gene a i e
Ad e sa ial Ne wo ks (GANs) and collabo a i e da a-sha ing amewo ks ha p ese e p i acy
while enabling b oade access o ep esen a i e a ic da a [126].
Scalabili y is ano he p essing conce n. Deep lea ning models, pa icula ly a chi ec u es such as
CNNs, LSTMs, and T ans o me s, equi e subs an ial compu a ional esou ces. T aining hese
models on la ge da ase s demands high-pe o mance GPUs o dis ibu ed compu ing clus e s,
which a e no always a ailable o o ganiza ions. Mo eo e , eal- ime in usion de ec ion in
en e p ise o cloud en i onmen s in ol es p ocessing e aby es o ne wo k a ic pe day, a scale
ha many cu en AI-based IDS canno handle e icien ly [127]. De eloping ligh weigh models,
op imizing a chi ec u es o eal- ime de ec ion, and explo ing dis ibu ed o pa allelized deep
lea ning amewo ks a e ac i e a eas o esea ch aimed a o e coming scalabili y limi a ions.
A u he ba ie o adop ion is he limi a ion in p o iding cla i y in deep lea ning-based IDS.
Mos models ac as ―black boxes,‖ making p edic ions wi hou o e ing insigh in o hei
decision-making p ocesses. Fo secu i y analys s, i is c i ical o unde s and why a sys em
lagged a pa icula ac i i y as malicious, bo h o alida e ale s and o ake app op ia e
coun e measu es. Wi hou anspa ency, us in AI-d i en IDS emains limi ed. To o e come
his challenge, esea che s ha e de eloped Explainable AI (XAI) echniques, such as Shapley
Addi i e explana ions (SHAP) and Local In e p e able Model-Agnos ic Explana ions (LIME),
which p o ide pos -hoc explana ions o model p edic ions. These me hods enable analys s o
ace de ec ed anomalies back o he speci ic ea u es o pa e ns ha in luenced he model,
he eby enhancing bo h usabili y and us [128].
To o e come hese challenges, se e al esea ch di ec ions ha e been p oposed. Fede a ed
lea ning allows IDS models o be ained ac oss mul iple dis ibu ed sys ems wi hou cen alizing
sensi i e da a, imp o ing gene aliza ion while p ese ing p i acy. Simila ly, ans e lea ning
enables models o adap o new a ack ypes o en i onmen s wi h minimal e aining, he eby
educing hei dependency on la ge labeled da ase s [129]. Hyb id amewo ks, combining NIDS
and HIDS wi h ad anced DL models, ha e also shown p omise in educing alse posi i es and
imp o ing de ec ion accu acy in enc yp ed en i onmen s. Fu he mo e, esea ch in o esou ce-
e icien AI models, such as p uning, quan iza ion, and ligh weigh a chi ec u es, is opening
possibili ies o eal- ime IDS deploymen in cons ained en i onmen s like IoT ne wo ks [130].
Table 6. IDS Challenges and Eme ging Resea ch Models
Challenge
Limi a ion
P oposed Solu ion
Re
High False Posi i es
Too many ale s
Con ex -awa e DL,
ensemble lea ning
[131]
Da ase Sca ci y
Limi ed enc yp ed da a
Syn he ic da ase
gene a ion, ede a ed
lea ning
[132]
Scalabili y
Hea y compu a ion needed
Dis ibu ed and pa allel
[133]
h p://am esea ch e iew.com/index.php/Jou nal/abou
Volume 3, Issue 11 (2025)
`
51
40
amewo ks
Lack o Explainabili y
Black-box models
XAI me hods such as
SHAP, LIME
[134]
In summa y, while AI-d i en IDS has ad anced he s a e o cybe secu i y, c i ical challenges
emain, including alse posi i es, da ase limi a ions, scalabili y issues, and conce ns ega ding
in e p e abili y. The combina ion o ede a ed lea ning, ans e lea ning, XAI, and hyb id
de ec ion amewo ks o e s p omising solu ions o hese p oblems. Con inued esea ch in hese
di ec ions will pa e he way o he de elopmen o an e icien , anspa en , and scalable IDS
capable o ope a ing in mode n enc yp ed en i onmen s. Abo e Table 8 summa izes key
challenges in AI-d i en IDS and hei eme ging solu ions. High alse posi i es a e being
mi iga ed h ough con ex -awa e deep lea ning and ensemble me hods, while da ase sca ci y is
add essed by syn he ic da a gene a ion and ede a ed lea ning. Scalabili y issues caused by hea y
compu a ion a e being ackled wi h dis ibu ed and pa allel amewo ks. Finally, he limi a ion in
p o iding cla i y in deep lea ning models is coun e ed by Explainable AI (XAI) echniques such
as SHAP and LIME. These solu ions unde sco e ongoing e o s o enhance he accu acy,
scalabili y, and us wo hiness o IDS in eal-wo ld en i onmen s.
3. P oposed Deep Lea ning App oach o IDS
Deep Lea ning (DL) has eme ged as one o he mos powe ul app oaches o enhancing he
pe o mance o In usion De ec ion Sys ems (IDS), pa icula ly in en i onmen s domina ed by
enc yp ed ne wo k a ic. Unlike adi ional Machine Lea ning (ML) models ha ely hea ily on
manual ea u e ex ac ion, DL models a e p o icien in au oma ically lea ning complex, laye ed
ep esen a ions di ec ly om aw o ligh ly p ep ocessed a ic da a. This abili y has enabled
hem o ou pe o m ea lie app oaches in e ms o accu acy, adap abili y, and scalabili y, making
hem a compelling solu ion o mode n cybe secu i y challenges.
Con olu ional Neu al Ne wo ks (CNNs) ha e been widely applied in IDS due o hei s eng h in
de ec ing spa ial dependencies and local pa e ns wi hin a ic ea u es. Fo example, CNNs can
ecognize anomalies in packe heade s, low s a is ics, o ea u e ma ices by ea ing hem as
s uc u ed da a ep esen a ions simila o images. This capabili y enables CNN-based IDS o
de ec sub le pa e ns o malicious ac i i y ha shallow classi ie s may o e look.
Recu en Neu al Ne wo ks (RNNs), along wi h hei enhanced e sion, Long Sho -Te m
Memo y (LSTM) ne wo ks, a e pa icula ly e ec i e o analyzing sequen ial and ime-
dependen da a. Since ne wo k a ic o en ollows empo al dependencies, such as session-
based ac i i ies o mul i-s age a acks, hese models a e well-sui ed o iden i ying anomalies ha
un old o e ime. LSTMs, in pa icula , o e come he anishing g adien p oblem o s anda d
RNNs, enabling hem o cap u e long- ange dependencies and pa e ns in a ic sequences.
Mo e ad anced a chi ec u es, such as T ans o me s and a en ion-based models, ha e ecen ly
been explo ed in IDS esea ch. These models u ilize sel -a en ion echniques o cap u e
backg ound ela ionships ac oss long sequences, he eby elimina ing he need o ecu ence and
achie ing he highes le el o pe o mance in handling la ge and complex ne wo k lows.
In addi ion, unsupe ised DL echniques like au oencode s and Gene a i e Ad e sa ial Ne wo ks
(GANs) ha e been applied o anomaly de ec ion. Au oencode s lea n compac la en
ep esen a ions o egula a ic and lag de ia ions as po en ial in usions, while GANs gene a e
h p://am esea ch e iew.com/index.php/Jou nal/abou
Volume 3, Issue 11 (2025)
`
52
40
syn he ic a ic da a ha helps ain obus models and imp o e gene aliza ion. Howe e , he
e ec i eness o hese app oaches o en depends on he a ailabili y o la ge, high-quali y da ase s
and signi ican compu a ional esou ces, which emain a challenge o eal-wo ld deploymen .
Figu e 5. P oposed CNN and RNN based Enc yp ed T a ic IDS
Figu e 4 illus a es he in eg a ion o Con olu ional Neu al Ne wo ks (CNNs) and Recu en
Neu al Ne wo ks (RNNs) in an IDS amewo k designed o enc yp ed a ic analysis. The
da ase unde goes da a p epa a ion s eps, including cleaning, ea u e selec ion, and da a spli ing,
be o e being passed in o he hyb id CNN-RNN (HCRNN) model. CNN laye s a e esponsible o
ex ac ing local spa ial ea u es, while RNN laye s cap u e empo al dependencies wi hin a ic
sequences. These ea u es a e conca ena ed and p ocessed h ough ully connec ed laye s o
gene a e classi ica ion ou pu s, dis inguished be ween egula and a ack a ic. This app oach
highligh s he complemen a y s eng hs o CNNs and RNNs in handling bo h spa ial and
sequen ial aspec s o enc yp ed ne wo k lows, he eby imp o ing de ec ion accu acy. The
eme gence o T ans o me a chi ec u es has opened new possibili ies o In usion De ec ion
Sys ems (IDS), pa icula ly in en i onmen s whe e enc yp ed a ic limi s he e ec i eness o
con en ional app oaches. Unlike ecu en models such as RNNs and LSTMs, T ans o me s
u ilize sel -a en ion mechanisms o cap u e global dependencies ac oss en i e sequences o
a ic wi hou elying on ecu ence. This allows hem o e icien ly p ocess la ge-scale ne wo k
da a while modeling long- ange con ex ual ela ionships be ween packe s.
In IDS esea ch, T ans o me -based models ha e shown s ong po en ial in iden i ying complex,
mul i-s age cybe a acks ha un old ac oss ex ended ime windows. By a ending o di e en
pa s o he inpu sequence, hese models can de ec sub le co ela ions be ween a ic lows ha
shallow classi ie s migh o he wise o e look. Recen s udies ha e demons a ed ha a en ion
mechanisms no only imp o e de ec ion accu acy in enc yp ed en i onmen s bu also educe he
eliance on manual ea u e enginee ing, as he models can au oma ically lea n hie a chical a ic
ep esen a ions.
Despi e hei s eng hs, T ans o me models p esen challenges in e ms o scalabili y and
in e p e abili y. T aining such models equi es la ge, high-quali y da ase s and powe ul
compu a ional esou ces, which may no be eadily a ailable in many en e p ise se ings.

h p://am esea ch e iew.com/index.php/Jou nal/abou
Volume 3, Issue 11 (2025)
`
53
40
Mo eo e , he ―black-box‖ na u e o a en ion-based sys ems makes i di icul o analys s o
unde s and why a pa icula low was classi ied as malicious ully. Ne e heless, T ans o me s
ep esen one o he mos p omising di ec ions o IDS esea ch, o e ing adap abili y,
scalabili y, and obus ness in de ec ing sophis ica ed h ea s in enc yp ed ne wo ks.
The P oposed Technique wo ks on he basis o below Algo i hm:
Algo i hm 1: F amewo k o P oposed IDS lea ning
h p://am esea ch e iew.com/index.php/Jou nal/abou
Volume 3, Issue 11 (2025)
`
54
40
The p oposed classi ie con ains i o ep esen andom uni s o b-laye uni s and y o ep esen
he o al b-laye uni s.
Eq (19)
Eq (20)
Eq (21)
Eq (22)
Figu e 6 illus a es a p oposed In usion De ec ion Sys em (IDS) amewo k. In his se up, clien s
locally ain models on hei p i a e da ase s o se e al epochs and gene a e upda es, wi hou
sha ing aw da a. These upda es a e hen agg ega ed using he FedA g algo i hm o o m a
global model. The upda ed global pa ame e s a e edis ibu ed o clien s, enabling collabo a i e
lea ning while p ese ing da a p i acy. This decen alized app oach imp o es de ec ion
pe o mance, educes eliance on cen alized da a collec ion, and s eng hens secu i y agains
e ol ing h ea s.
h p://am esea ch e iew.com/index.php/Jou nal/abou
Volume 3, Issue 11 (2025)
`
55
40
Figu e 6. P oposed IDS F amewo k
The me hodology is o ensu e a comp ehensi e and unbiased syn hesis o he exis ing esea ch
on In usion De ec ion Sys ems (IDS). The li e a u e was collec ed om epu able academic
da abases, including IEEE Xplo e, ACM Digi al Lib a y, ScienceDi ec , Sp inge Link, and
Google Schola , using a combina ion o keywo ds such as In usion De ec ion Sys em, AI-based
IDS, Machine Lea ning IDS, Deep Lea ning IDS, Hyb id IDS, Enc yp ed T a ic IDS, and
Explainable AI in IDS. The p ima y ocus was on s udies published be ween 2010 and 2024,
al hough ea lie wo ks we e also conside ed o p o ide his o ical con ex and highligh he
e olu ion o IDS app oaches. To main ain ele ance, s udies we e included i hey p oposed IDS
echniques based on machine lea ning, deep lea ning, hyb id amewo ks, ede a ed lea ning, o
explainable AI, and i hey epo ed e alua ion esul s using benchma k da ase s such as NSL-
KDD, CICIDS2017, UNSW-NB15, o o he eal-wo ld a ic aces. Resea ch ha ocused
solely on adi ional, ule-based IDS, wi hou inco po a ing AI o lacking su icien
me hodological and expe imen al de ail, was excluded om he analysis.
∑
{ }
While ano he ask wi h in usions a i e wi h he ea lies deadline be o e he end o he
execu ion ask hen he leng h o he idle in e al due o ne wo k delay and h ea is deno ed as
and max ime du a ion o he idle pe iod is ep esen ed as du ing longe da a a ack ha
can be measu ed using Eq. (10).
h p://am esea ch e iew.com/index.php/Jou nal/abou
Volume 3, Issue 11 (2025)
`
56
40
∑
{ }
T adi ional o AI-based models, machine lea ning app oaches, deep lea ning a chi ec u es such
as CNNs, RNNs, LSTMs, and T ans o me s, hyb id NIDS–HIDS sys ems, and ad anced
echniques, including ede a ed lea ning and explainable AI. In addi ion, a c i ical ocus was
placed on he ole o da ase s, pa icula ly he s eng hs and weaknesses o commonly used
benchma ks, as well as on how each s udy add essed challenges such as enc yp ion, scalabili y,
high alse posi i e a es, and in e p e abili y.
∑
{ }
∑
{ }
∑
{ }
∑
{ }
Fo compa ison, pe o mance me ics commonly epo ed in IDS esea ch—such as accu acy,
p ecision, ecall, F1-sco e, and alse posi i e a e—we e used o e alua e he s eng hs and
limi a ions o di e en app oaches. By applying his me hodology, he e iew ensu es a
s uc u ed and balanced examina ion o IDS esea ch, highligh ing no only echnical
ad ancemen s bu also pe sis en gaps and challenges ha mus be add essed o u u e
de elopmen .
4. Resul s and Discussion
The In usion De ec ion Sys ems (IDS), p og essing om ea ly s a ic app oaches o in elligen ,
adap i e solu ions. T adi ional sys ems elied hea ily on ule-based and signa u e-d i en
echniques, which we e highly e ec i e in de ec ing well-documen ed a acks. Howe e , hese
app oaches soon p o ed insu icien in he ace o apidly e ol ing cybe h ea s. Va ious
Malwa e, ze o-day a acks, and ad anced de e mined h ea s (APTs) demons a ed ha sys ems
based solely on p ede ined ules could no adap o unknown a ack beha io s. This sho coming
shi ed esea ch in e es owa d mo e lexible app oaches, leading o he adop ion o machine
lea ning (ML) and la e deep lea ning (DL) me hods as he ounda ion o mode n IDS design.
This shi e lec s a g owing consensus in he esea ch communi y: s a ic mechanisms, while
use ul as a baseline, canno p o ide adequa e p o ec ion agains mode n, enc yp ed, and la ge-
scale cybe a acks.
h p://am esea ch e iew.com/index.php/Jou nal/abou
Volume 3, Issue 11 (2025)
`
63
40
MEAN S ack Technology Applica ions. Bulle in o Business and Economics
(BBE), 13(2), 200-206.
[33] U. Hashmi, S. A. ZeeshanNajam, "The mal-Awa e Real-Time Task Schedulabil y
es o Ene gy and Powe Sys em Op imiza ion using Homogeneous Cache Hie a chy o
Mul i-co e Sys ems", Jou nal o Mechanics o Con inua and Ma hema ical Sciences., ol.
14, no. 4, pp. 442-452, Ma . 2023
[34] Mum az, J., Bakhe , S., Ja ed, A., Naz, A., Rashail, M., & Khan, H. (2025). An
In elligen Diagnosis and Tumo Segmen a ion Me hod based on MRI Images Using P e-
ained Deep Con olu ional Neu al Ne wo ks (CNNs). The Asian Bulle in o Big Da a
Managemen , 5(1), 147-163
[35] Zahee , M., Azeem, M. H., A zal, Z., & Ka im, H. (2024). C i ical E alua ion o
Da a P i acy and Secu i y Th ea s in Fede a ed Lea ning: Issues and Challenges Rela ed
o P i acy and Secu i y in IoT. Spec um o Enginee ing Sciences, 2(5), 458-479.
[36] Noo , H., Khan, H., Din, I. U., Ta iq, M. I., Amin, M. N., & Fa ima, M. Vi ual
Memo y Managemen Techniques. Secu ing he Digi al Realm, 126-137.
[37] Y. A. Khan, F. Khan, H. Khan, S. Ahmed, M. Ahmad, "Design and Analysis o
Maximum Powe Poin T acking (MPPT) Con olle o PV Sys em", Jou nal o
Mechanics o Con inua and Ma hema ical Sciences., ol. 14, no. 1, pp. 276-288, May.
2019
[38] Ali, M., Khan, H., Rana, M. T. A., Ali, A., Baig, M. Z., Rehman, S. U., &
Alsaawy, Y. (2024). A Machine Lea ning App oach o Reduce La ency in Edge
Compu ing o IoT De ices. Enginee ing, Technology & Applied Science
Resea ch, 14(5), 16751-16756.
[39] Khan, A. Yasmeen, S. Jan, U. Hashmi, "Enhanced Resou ce Le eling Indynamic
Powe Managemen Techniqueo Imp o emen In Pe o mance Fo Mul i-Co e
P ocesso s" ,Jou nal o Mechanics o Con inua and Ma hema ical Sciences., ol. 6, no.
14, pp 956-972, Sep. 2019
[40] FDM: Fuzzy-op imized Da a Managemen Technique o Imp o ing Big Da a
Analy ics. IEEE T ansac ions on Fuzzy Sys ems, 29(1), 177–185. Manoga an, G.,
Shakeel, P. M., P iyan, R. V., Chilamku i, N., & S i as a a, A. (2019). An colony
op imiza ion-induced ou e op imiza ion o enhancing he d i ing ange o elec ic
ehicles. In e na ional Jou nal o Communica ion Sys ems, e3964.
h ps://doi.o g/10.1002/dac.3964
[41] Khan, M. U. Hashmi, Z. Khan, R. Ahmad, "O line Ea lies Deadline i s
Scheduling based Technique o Op imiza ion o Ene gy using STORM in Homogeneous
Mul i-co e Sys ems", IJCSNS In . J. Compu . Sci. Ne w. Secu ., ol. 18, no. 12, pp. 125-
130, Oc . 2018
[42] Akmal, I., Khan, H., Khushnood, A., Zul iqa , F., & Shahbaz, E. (2024). An
E icien A i icial In elligence (Al) and Blockchain-Based Secu i y S a egies o
Enhancing he P o ec ion o Low-Powe loT De ices in 5G Ne wo ks. Spec um o
enginee ing sciences, 2(3), 528-586.
[43] H. Khan, M. U. Hashmi, Z. Khan, R. Ahmad, A. Saleem, "Pe o mance
E alua ion o Secu e DES-Algo i hm Based Au hen ica ion & Coun e Measu es o
In e ne Mobile Hos P o ocol", IJCSNS In . J. Compu . Sci. Ne w. Secu ., ol. 18, no.
12, pp. 181-185, July. 2018
[44] Y. A. Khan, U. Khalil, H. Khan, A. Uddin, S. Ahmed, "Powe low con ol by

h p://am esea ch e iew.com/index.php/Jou nal/abou
Volume 3, Issue 11 (2025)
`
64
40
uni ied powe low con olle ",Enginee ing, Technology & Applied Science Resea ch.,
ol. 9, no. 2, pp. 3900-3904, Feb. 2019
[45] H. Khan, I. Uddin, A. Ali, M. Husain, "An Op imal DPM Based Ene gy-Awa e
Task Scheduling o Pe o mance Enhancemen in Embedded MPSoC", Compu e s,
Ma e ials & Con inua., ol. 74, no. 1, pp. 2097-2113, Sep. 2023
[46] Khan, S., Ullah, I., Khan, H., Rahman, F. U., Rahman, M. U., Saleem, M. A., ...
& Ullah, A. (2024). G een syn hesis o AgNPs om lea es ex ac o Sali a Scla ea, hei
cha ac e iza ion, an ibac e ial ac i i y, and ca aly ic educ ion abili y. Zei sch i ü
Physikalische Chemie, 238(5), 931-947.
[47] S. Khan, I. Ullah, H. Khan, F. U. Rahman, M. U. Rahman, M. A. Saleem, A.
Ullah, "G een syn hesis o AgNPs om lea es ex ac o Sal ia Scla ea, hei
cha ac e iza ion, an ibac e ial ac i i y, and ca aly ic educ ion abili y", Zei sch i ü
Physikalische Chemie., ol. 238, no. 5, pp. 931-947, May. 2024
[48] Sa ke , I.H.; Khan, A.I.; Abusha k, Y.B.; Alsolami, F. In e ne o hings (io )
secu i y in elligence: A comp ehensi e o e iew, machine lea ning solu ions and
esea ch di ec ions. Mob. Ne w. Appl. 2023, 28, 296–312.
[49] H. Khan, M. U. Hashmi, Z. Khan, R. Ahmad, "O line Ea lies Deadline i s
Scheduling based Technique o Op imiza ion o Ene gy using STORM in Homogeneous
Mul i-co e Sys ems", IJCSNS In . J. Compu . Sci. Ne w. Secu ., ol. 18, no. 12, pp. 125-
130, Dec. 2018
[50] Nasi , M. S., Khan, H., Qu eshi, A., Ra iq, A., & Rasheed, T. (2024). E hical
Aspec s In Cybe Secu i y Main aining Da a In eg i y and P o ec ion: A
Re iew. Spec um o enginee ing sciences, 2(3), 420-454.
[51] Khan, A. Ali, S. Alshm any, "Ene gy-E icien Scheduling Based on Task
Mig a ion Policy Using DPM o Homogeneous MPSoCs", Compu e s, Ma e ials &
Con inua., ol. 74, no. 1, pp. 965-981, Ap . 2023
[52] Fakha , M. H., Baig, M. Z., Ali, A., Rana, M. T. A., Khan, H., A zal, W., ... &
Albouq, S. (2024). A Deep Lea ning-based A chi ec u e o Diabe es De ec ion,
P edic ion, and Classi ica ion. Enginee ing, Technology & Applied Science
Resea ch, 14(5), 17501-17506.
[53] Shah, S. Ahmed, K. Saeed, M. Junaid, H. Khan, "Pene a ion es ing ac i e
econnaissance phase–op imized po scanning wi h nmap ool", In 2019 2nd
In e na ional Con e ence on Compu ing, Ma hema ics and Enginee ing Technologies
(iCoMET), IEEE., pp. 1-6, No . 2019
[54] Y. A. Khan, "A high s a e o modula ansis o on a 105 kW HVPS o X- ays
omog aphy Applica ions", Sukku IBA Jou nal o Eme ging Technologies., ol. 2, no. 2,
pp. 1-6, Jun. 2019
[55] Kuma , S.; Ve ma, P.K.; Ve ma, R.; Alsabaan, M.; Abdelkade , T. In e ne o
Things: Classi ica ion, Challenges, and Solu ions. In Applica ions o Compu a ional
In elligence Techniques in Communica ions, 1s ed.; CRC P ess: Boca Ra on, FL, USA,
2024; pp. 137–172.
[56] Khan, S. Ahmad, N. Saleem, M. U. Hashmi, Q. Bashi , "Scheduling Based
Dynamic Powe Managemen Technique o o line Op imiza ion o Ene gy in Mul i
Co e P ocesso s", In . J. Sci. Eng. Res., ol. 9, no. 12, pp. 6-10, Dec. 2018
[57] Nasi , M. S., Khan, H., Qu eshi, A., Ra iq, A., & Rasheed, T. (2024). E hical
Aspec s In Cybe Secu i y Main aining Da a In eg i y and P o ec ion: A
h p://am esea ch e iew.com/index.php/Jou nal/abou
Volume 3, Issue 11 (2025)
`
65
40
Re iew. Spec um o enginee ing sciences, 2(3), 420-454.
[58] Y. A. Khan, "Enhancing Ene gy E iciency in Tempe a u e Con olled Dynamic
Scheduling Technique o Mul i P ocessing Sys em on Chip", Sukku IBA Jou nal o
Eme ging Technologies., ol. 2, no. 2, pp. 46-53, Jan. 2019
[59] Khan, K. Janjua, A. Sikanda , M. W. Qazi, Z. Hameed, "An E icien Scheduling
based cloud compu ing echnique using i ual Machine Resou ce Alloca ion o e icien
esou ce u iliza ion o Se e s", In 2020 In e na ional Con e ence on Enginee ing and
Eme ging Technologies (ICEET), IEEE., pp. 1-7, Ap . 2020
[60] Hassan, H. Khan, I. Uddin, A. Sajid, "Op imal Eme ging ends o Deep Lea ning
Technique o De ec ion based on Con olu ional Neu al Ne wo k", Bulle in o Business
and Economics (BBE)., ol. 12, no. 4, pp. 264-273, No . 2023
[61] Y. A. Khan, "A GSM based Resou ce Alloca ion echnique o con ol
Au onomous Robo ic Glo e o Spinal Co d Implan pa alysed Pa ien s using Flex
Senso s", Sukku IBA Jou nal o Eme ging Technologies., ol. 3, no. 2, pp. 13-23, Feb.
2020
[62] Go don, T. Diabe es, blood lipids, and he ole o obesi y in co ona y hea
disease isk o women. Ann. In e n. Med. 87, 393 (1977).
[63] Ayub, N., Waheed, A., Ahmad, S., Akba , M. H. A., Fuzail, M. Z., & Hashmi, A.
H. (2025). S eng hening Ne wo k Secu i y: An E icien DL Enabled Da a P o ec ion
and P i acy F amewo k o Th ea Mi iga ion and Vulne abili ies De ec ion in IoT
Ne wo k. Annual Me hodological A chi e Resea ch Re iew, 3(6), 1-25.
[64] Rumelha , D.E.; Hin on, G.E.; Williams, R.J. Lea ning ep esen a ions by back-
p opaga ing e o s. Na u e 1986, 323, 533–536.
[65] C iado, M.F.; Casado, F.E.; Iglesias, R.; Reguei o, C.V.; Ba o, S. Non-iid da a
and con inual lea ning p ocesses in ede a ed lea ning: A long oad ahead. In .
Fusion 2022, 88, 263–280.
[66] Khan, Q. Bashi , M. U. Hashmi, "Scheduling based ene gy op imiza ion
echnique in mul ip ocesso embedded sys ems", In 2018 In e na ional Con e ence on
Enginee ing and Eme ging Technologies (ICEET), IEEE., pp. 1-8, Sep. 2018
[67] Fa ima, M., Ali, A., Ahmad, M., Nisa, F. U., Khan, H., & Raheem, M. A. U.
Enhancing The Resilience O Io Ne wo ks: S a egies And Measu es Fo Mi iga ing
Ddos A acks. Con .& Ma h. Sci., Vol.-19, No.-10, 129-152, Oc obe 2024
h ps://jmcms.s3.amazonaws.com/wp-con en /uploads/2024/10/10072102/jmcms-
2410025-ENHANCING-THE-RESILIENCE-OF-IOT-NETWORKS-MF-HK.pd
[68] Ja ed, M. A., Anjum, M., Ahmed, H. A., Ali, A., Shahzad, H. M., Khan, H., &
Alshah ani, A. M. (2024). Le e aging Con olu ional Neu al Ne wo k (CNN)-based Au o
Encode s o Enhanced Anomaly De ec ion in High-Dimensional Da ase s. Enginee ing,
Technology & Applied Science Resea ch, 14(6), 17894-17899.
[69] Li, H.; Luo, L.; Wang, H. Fede a ed lea ning on non-independen and iden ically
dis ibu ed da a. In P oceedings o he Thi d In e na ional Con e ence on Machine
Lea ning and Compu e Applica ion (ICMLCA 2022), Shenyang, China, 16–18
Decembe 2023; SPIE: Bellingham, WA, USA; pp. 154–162.
[70] Gula e, K.H.M.; Va gas, J.A.R.; Da Cos a, J.P.J.; Da Sil a, A.A.S.; San os, G.A.;
Wang, Y.; Mülle , C.A.; Lipps, C.; Júnio , R.T.S.; Vidal Filho, W.B.; e al. Sa egua ding
he V2X Pa hways: Explo ing he Cybe secu i y Landscape h ough Sys ema ic
Li e a u e Re iew. IEEE Access 2024, 12, 72871–72895.
h p://am esea ch e iew.com/index.php/Jou nal/abou
Volume 3, Issue 11 (2025)
`
66
40
[71] Y. A. Khan, M. Ib ahim, M. Ali, H. Khan, E. Mus a a, "Cos Bene i Based
Analy ical S udy o Au oma ic Me e Reading (AMR) and Blind Me e Reading (BMR)
used by PESCO (WAPDA)", In 2020 3 d In e na ional Con e ence on Compu ing,
Ma hema ics and Enginee ing Technologies (iCoMET), IEEE., pp. 1-7, Aug. 2020
[72] Mus a a, M., Ali, M., Ja ed, M. A., Khan, H., Iqbal, M. W., & Ruk, S. A. (2024).
Be ies o Low-Cos Sma I iga ion Sys ems o Wa e Managemen an IoT
App oach. Bulle in o Business and Economics (BBE), 13(3), 508-514.
[73] Hassan, A., Khan, H., Ali, A., Sajid, A., Husain, M., Ali, M., ... & Fakha , H.
(2024). An Enhanced Lung Cance Iden i ica ion and Classi ica ion Based on Ad anced
Deep Lea ning and Con olu ional Neu al Ne wo k. Bulle in o Business and Economics
(BBE), 13(2), 136-141.
[74] Rahman, M. U., Khan, S., Khan, H., Ali, A., & Sa wa , F. (2024). Compu a ional
chemis y un eiled: a c i ical analysis o heo e ical coo dina ion chemis y and
nanos uc u ed ma e ials. Chemical P oduc and P ocess Modeling, 19(4), 473-515.
[75] Naz, H. Khan, I. Ud Din, A. Ali, and M. Husain, ―An E icien Op imiza ion
Sys em o Ea ly B eas Cance Diagnosis based on In e ne o Medical Things and Deep
Lea ning‖, Eng. Technol. Appl. Sci. Res., ol. 14, no. 4, pp. 15957–15962, Aug. 2024
[76] Khan, I. Ullah, M. U. Rahman, H. Khan, A. B. Shah, R. H. Al homali, M. M.
Rahman, "Ino ganic-polyme composi e elec oly es: basics, ab ica ions, challenges and
u u e pe spec i es", Re iews in Ino ganic Chemis y., ol. 44, no. 3, pp. 1-2, Jan. 2024
[77] Ali, I., Saleem, M. U., Khan, A. A., Naz, A., Nawaz, M., & Khan, H. (2025). An
Enhanced A i icial In elligence Gene a ed Vi ual In luence F amewo k: Examining he
E ec s o Emo ional Display on Use Engagemen based on Con olu ional Neu al
Ne wo ks (CNNs). Annual Me hodological A chi e Resea ch Re iew, 3(4), 184-209.
[78] Ayub, N., Sa wa , N., Ali, A., Khan, H., Din, I., Alqah ani, A. M., ... & Ali, A.
(2025). Fo ecas ing Mul i-Le el Deep Lea ning Au oencode A chi ec u e (MDLAA) o
Pa ame ic P edic ion based on Con olu ional Neu al Ne wo ks. Enginee ing,
Technology & Applied Science Resea ch, 15(2), 21279-21283.
[79] Mum az, J., Rehman, A. U., Khan, H., Din, I. U., & Ta iq, I. Secu i y and
Pe o mance Compa ison o Window and Linux: A Sys ema ic Li e a u e
Re iew. Secu ing he Digi al Realm, 272-280.
[80] Ali, R., Khan, H., A i , M. W., Ta iq, M. I., Din, I. U., A zal, A., & Khan, M. A.
Au hen ica ion o Use Da a o Enhancing P i acy in Cloud Compu ing Using Secu i y
Algo i hms. In Secu ing he Digi al Realm (pp. 187-200). CRC P ess.
[81] Noo , H., Khan, H., Din, I. U., Ta q, M. I., Amin, M. N., & Fa ima, M. (2025). 12
Vi ual Memo y Managemen . Secu ing he Digi al Realm: Ad ances in Ha dwa e and
So wa e Secu i y, Communica ion, and Fo ensics, 126.
[82] Ayub, N., Iqbal, M. W., Saleem, M. U., Amin, M. N., Im an, O., & Khan, H.
(2025). E icien ML Technique o B ain Tumo Segmen a ion, and De ec ion, based on
MRI Scans Using Con olu ional Neu al Ne wo ks (CNNs). Spec um o Enginee ing
Sciences, 3(3), 186-213.
[83] Sai , S., Hamayun Khan, A. A., Albouq, S., Hussain, M. Z., Hasan, M. Z., Uddin,
I., ... & Husain, M. AN EFFICIENT MACHINE LEARNING-BASED DETECTION
AND PREDICTION MECHANISM FOR CYBER THREATS USING INTELLIGENT
FRAMEWORK IN IOTS. Vol.-15, No.-8, Augus (2024) pp 191-206
[84] Anas, M., Im iaz, M. A., Saad Khan, A. A., Naghman, N. F., Khan, H., & Albouq,
h p://am esea ch e iew.com/index.php/Jou nal/abou
Volume 3, Issue 11 (2025)
`
67
40
S. AN ADVANCED MACHINE LEARNING (ML) ARCHITECTURE FOR HEART
DISEASE DETECTION, PREDICTION AND CLASSIFICATION USING MACHINE
LEARNING. Vol.-20, No.-3, Ma ch (2025) pp 54 - 72
[85] Yousa , M., Khalid, F., Saleem, M. U., Din, M. U., Shahid, A. K., & Khan, H.
(2025). A Deep Lea ning-Based Enhanced Sen imen Classi ica ion and Consis ency
Analysis o Que ies and Resul s in Sea ch Using O acle Hyb id Fea u e
Ex ac ion. Spec um o Enginee ing Sciences, 3(3), 99-121.
[86] Khan, H., Usman, R., Ahmed, B., Hashimi, U., Najam, Z., & Ahmad, S. (2019).
The mal-awa e eal- ime ask schedulabil y es o ene gy and powe sys em
op imiza ion using homogeneous cache hie a chy o mul i-co e sys ems. Jou nal o
Mechanics o Con inua and Ma hema ical Sciences, 14(4), 442-452.
[87] Ali, M., Cheema, S. M., Ayub, N., Naz, A., & Aslam, Z. (2022, Decembe ).
Impac o adop ing obo s as eache s: a e iew s udy. In 2022 In e na ional Con e ence
on Eme ging Technologies in Elec onics, Compu ing and Communica ion
(ICETECC) (pp. 1-9). IEEE.
[88] Na eed, A., Khan, H., Im iaz, Z., Hassan, W., & Fa eed, U. (2024). Applica ion
and E hical Aspec s o Machine Lea ning Techniques in Ne wo king: A
Re iew. Spec um o enginee ing sciences, 2(3), 455-501.
[89] Ayub, N., Bakhe , S., A shad, M. J., Saleem, M. U., Anam, R., & Fuzail, M. Z.
(2025). AN ENHANCED MACHINE LEARNING AND BLOCKCHAIN-BASED
FRAMEWORK FOR SECURE AND DECENTRALIZED ARTIFICIAL
INTELLIGENCE APPLICATIONS IN 6G NETWORKS USING ARTIFICIAL
NEURAL NETWORKS (ANNS). Spec um o Enginee ing Sciences, 3(4), 348-364.
[90] Gha oo , U., Ayub, N., Yaseen, A., Anas, M., Fa ooq, I., Khan, S., & Naghman,
N. F. (2025). AI Assis ed Hea Disease P edic ion and Classi ica ion and Segmen a ion
based on PIMA and UCI Machine Lea ning Da ase s. Annual Me hodological A chi e
Resea ch Re iew, 3(7), 248-276.
[91] Sa wa , H. Khan, I. Uddin, R. Waleed, S. Ta iq, "An E icien E-Comme ce Web
Pla o m Based on Deep In eg a ion o MEAN S ack Technologies", Bulle in o Business
and Economics (BBE)., ol. 12, no. 4, pp. 447-453, Jun. 2023
[92] Ali, M., Cheema, S. M., Ayub, N., Naz, A., & Aslam, Z. (2022, Decembe ).
Blockchain-based P i acy P ese a ion F amewo k o IoT-Based In o ma ion Sys ems.
In 2022 3 d In e na ional Con e ence on Inno a ions in Compu e Science & So wa e
Enginee ing (ICONICS) (pp. 1-7). IEEE, 2022
[93] Asgha , M. A., Aslam, A., Bakhe , S., Saleem, M. U., Ahmad, M., Goha , A., &
Khan, H. (2025). An E icien In eg a ion o A i icial In elligence-based Mobile Robo s
in C i ical F ames o he In e ne o Medical Things (IoMTs) Using (ADP2S) and
Con olu ional Neu al Ne wo ks (CNNs). Annual Me hodological A chi e Resea ch
Re iew, 3(4), 160-183.
[94] Ali, M., Cheema, S. M., Aslam, Z., Naz, A., & Ayub, N. (2023, Ma ch). CBAI:
Cloud-Based Agile In as uc u e o Enhancing Dis ibu ed Agile De elopmen . In 2023
4 h In e na ional Con e ence on Compu ing, Ma hema ics and Enginee ing Technologies
(iCoMET) (pp. 1-6). IEEE.
[95] Ayub, N., Yaseen, A., Amin, M. N., Rizwan, S. M., Fa ooq, I., & Hussain, M. Z.
(2025). Reliable Fede a ed Lea ning (Rdl) Assis ed In usion De ec ion And
Classi ica ions App oach Using (Ssl/Tls) Fo Ne wo k Secu i y. Annual Me hodological
h p://am esea ch e iew.com/index.php/Jou nal/abou
Volume 3, Issue 11 (2025)
`
68
40
A chi e Resea ch Re iew, 3(7), 376-400.
[96] Jabeen, T., Mehmood, Y., Khan, H., Nasim, M. F., & Naq i, S. A. A. (2025).
Iden i y The and Da a B eaches How S olen Da a Ci cula es on he Da k Web: A
Sys ema ic App oach. Spec um o enginee ing sciences, 3(1), 143-161.
[97] Khan, A. K., Bakhe , S., Ja ed, A., Rizwan, S. M., & Khan, H. (2025).
F amewo k o P edic ing Cus ome Sen imen Awa e Que ies and Resul s in Sea ch
Using O acle and Machine Lea ning. Spec um o Enginee ing Sciences, 3(2), 588-617.
[98] Abdullah, M. M., Khan, H., Fa han, M., & Khadim, F. (2024). An Ad ance
Machine Lea ning (ML) App oaches o Anomaly De ec ion based on Ne wo k
T a ic. Spec um o enginee ing sciences, 2(3), 502-527.
[99] Hashmi, U., & ZeeshanNajam, S. A. (2023). The mal-Awa e Real-Time Task
Schedulabil y es o Ene gy and Powe Sys em Op imiza ion using Homogeneous
Cache Hie a chy o Mul i-co e Sys ems. Jou nal o Mechanics o Con inua and
Ma hema ical Sciences, 14(4), 442-452.
[100] Sul an, H., Rahman, S. U., Muni , F., Ali, A., Younas, S., & Khan, H. (2025).
Ins i u ional dynamics, inno a ion, and en i onmen al ou comes: a panel NARDL
analysis o BRICS na ions. En i onmen , De elopmen and Sus ainabili y, 1-43.
[101] Hussain, M., Ahmed, H. A., Baba , M. Z., Ali, A., Shahzad, H. M., Rehman, S.
U., ... & Alshah ani, A. M. (2025). An Enhanced Con olu ional Neu al Ne wo k (CNN)
based P-EDR Mechanism o Diagnosis o Diabe ic Re inopa hy (DR) using Machine
Lea ning. Enginee ing, Technology and Applied Science Resea ch, 15(1), 19062-19067.
[102] Ramzan, M. S., Nasim, F., Ahmed, H. N., Fa ooq, U., Nawaz, M. S., Bukha i, S.
K. H., & Khan, H. (2025). An Inno a i e Machine Lea ning based end- o-end Da a
Secu i y F amewo k in Eme ging Cloud Compu ing Da abases and In eg a ed Pa adigms:
Analysis on Taxonomy, challenges, and Oppo uni ies. Spec um o enginee ing
sciences, 3(2), 90-125.
[103] Muj aba, A., Zul iqa , M., Azha , M. U., Ali, S., Ali, A., & Khan, H. (2025). ML-
based Fileless Malwa e Th ea s Analysis o he De ec ion o Cybe secu i y A ack
based on Memo y Fo ensics: A Su ey. The Asian Bulle in o Big Da a
Managemen , 5(1), 1-14.
[104] Hussain, S., Sa wa , N., Ali, A., Khan, H., Din, I., Alqah ani, A. M., ... & Ali, A.
(2025). An Enhanced Random Fo es (ERF)-based Machine Lea ning F amewo k o
Resampling, P edic ion, and Classi ica ion o Mobile Applica ions using Tex ual
Fea u es. Enginee ing, Technology & Applied Science Resea ch, 15(1), 19776-19781.
[105] Ahmad, I., Nasim, F., Khawaja, M. F., Naq i, S. A. A., & Khan, H. (2025).
Enhancing IoT Secu i y and Se ices based on Gene a i e A i icial In elligence
Techniques: A Sys ema ic Analysis based on Eme ging Th ea s, Challenges and u u e
Di ec ions. Spec um o enginee ing sciences, 3(2), 1-25.
[106] Khan, H., Im iaz, M. A., Siddique, H., Rana, M. T. A., Ali, A., Baig, M. Z., ... &
Alsaawy, Y. (2025). An Enhanced Task Mig a ion Technique Based on Con olu ional
Neu al Ne wo k in Machine Lea ning F amewo k.
[107] Ahmed, A., Ja ed, M. A., Qu eshi, J. N., Khan, H., & Yousa , H. F. (2024). An
insigh ul Machine Lea ning based P i acy-P ese ing Technique o Fede a ed
Lea ning. The Asian Bulle in o Big Da a Managemen , 4(4), 332-343.
[108] Fa ooq, I., Ahmed, S. A., Ali, A., Wa aich, M. A., Aqeel, M., & Khan, H.
(2024). Enhanced Classi ica ion o Ne wo ks Enc yp ed T a ic: A Concep ual Analysis

h p://am esea ch e iew.com/index.php/Jou nal/abou
Volume 3, Issue 11 (2025)
`
69
40
o Secu i y Assessmen s, Implemen a ion, T ends and Fu u e Di ec ions. The Asian
Bulle in o Big Da a Managemen , 4(4), 500-522.
[109] Fawy, K. F., Rod iguez-O iz, G., Ali, A., Jadeja, Y., Khan, H., Pa hak, P. K., ...
& Rahman, J. U. (2025). Ca aly ic explo a ion me allic and nonme allic nano-ca alys s,
p ope ies, ole in pho oelec ochemis y o sus ainable applica ions. Re iews in
Ino ganic Chemis y, (0).
[110] Liaqa , M. S., Sha i , N., Ali, A., Khan, H., Ahmed, H. N., & Khan, H. (2024). An
Op imal Analysis o Cloud-based Secu e Web Applica ions: A Sys ema ic Explo a ion
based on Eme ging Th ea s, Pi alls and Coun e measu es. Spec um o enginee ing
sciences, 2(5), 427-457.
[111] Adil, M. U., Ali, S., Haide , A., Ja ed, M. A., & Khan, H. (2024). An Enhanced
Analysis o Social Enginee ing in Cybe Secu i y Resea ch Challenges,
Coun e measu es: A Su ey. The Asian Bulle in o Big Da a Managemen , 4(4), 321-331.
[112] Maqsood, M., Da , M. M., Ja ed, M. A., & Khan, H. (2024). A Su ey on he
In e ne o Medical Things (IOMT) P i acy and Secu i y: Challenges Solu ions and
Fu u e om a New Pe spec i e. The Asian Bulle in o Big Da a Managemen , 4(4), 355-
368.
[113] Khawa , M. W., Salman, W., Shaheen, S., Shakil, A., I ikha , F., & Faisal, K. M.
I. (2024). In es iga ing he mos e ec i e AI/ML-based s a egies o p edic i e ne wo k
main enance o minimize down ime and enhance se ice eliabili y. Spec um o
Enginee ing Sciences, 2(4), 115-132.
[114] Ahmad, J., Salman, W., Amin, M., Ali, Z., & Shoka , S. (2024). A Su ey on
Enhanced App oaches o Cybe Secu i y Challenges Based on Deep Fake Technology in
Compu ing Ne wo ks. Spec um o Enginee ing Sciences, 2(4), 133-149.
[115] Ayub, N., Ejaz, A., Hassan, B., Hussain, M. Z., Nadeem, M., Sabi , L., & Fa ima,
S. (2025). An E icien Machine Lea ning And Deep Lea ning Based Deep Packe
Secu i y F amewo k Fo De ec ion O Compu ing Ne wo k Faul s In The Io s. Spec um
o Enginee ing Sciences, 3(5), 659-674.
[116] Ayub, N., Im iaz, M. A., Ali, E., Alqah ani, A. M., Ali, A., Ashu o , M., ... &
Law, F. L. (2025). A Decision F amewo k o In a Task Fixed P io i y INTEL PXA270
Dis ibu ed A chi ec u e o So RT-Applica ions Based on Deep Lea ning. Enginee ing,
Technology & Applied Science Resea ch, 15(3), 23553-23558.
[117] Ayub, N., Waheed, A., Ahmad, S., Akba , M. H. A., Fuzail, M. Z., & Hashmi, A.
H. (2025). S eng hening Ne wo k Secu i y: An E icien DL Enabled Da a P o ec ion
and P i acy F amewo k o Th ea Mi iga ion and Vulne abili ies De ec ion in IoT
Ne wo k. Annual Me hodological A chi e Resea ch Re iew, 3(6), 1-25.
[118] Fa ooq, M., Younas, R. M. F., Qu eshi, J. N., Haide , A., & Nasim, F. (2025).
Cybe secu i y isks in DBMS: S a egies o mi iga e da a secu i y h ea s: A sys ema ic
e iew. Spec um o enginee ing sciences, 3(1), 268-290.
[119] Ayub, N., Habib, Z., Bakhe , S., Riaz, S., Rizwan, S. M., Abid, M., ... & Khan, H.
(2025). An Op imal Ai & Deep Lea ning Mechanism Fo Mi iga ing Hacking Th ea
Iden i ica ion Using Secu e Ne wo k In as uc u e Based On Linux And So wa e-
De ined Ne wo k (Sdn). Spec um o Enginee ing Sciences, 3(5), 675-687.
[120] Aslam, I., Ta iq, W., Nasim, F., Khan, H., Khawaja, M. F., Ahmad, A., & Nawaz,
M. S. (2025). A Robus Hyb id Machine Lea ning based Implica ions and P e en ions o
Social Media Blackmailing and Cybe bullying: A Sys ema ic App oach.
h p://am esea ch e iew.com/index.php/Jou nal/abou
Volume 3, Issue 11 (2025)
`
70
40
[121] Ayub, N., Anwe , M. A., Iqbal, A., Rizwan, S. M., Shahbaz, A., Abid, M. H., &
Ra i, S. (2025). Enhanced ML F amewo k based on A i icial Neu al Ne wo k o
coun e measu es o Da a P o ec ion and Ne wo k Vulne abili ies De ec ion in Indus ial
In e ne o Things. Annual Me hodological A chi e Resea ch Re iew, 3(5), 410-431.
[122] Akh a , M. H., Ali, A., Ali, S., Nasim, F., Aziz, M. H., Khan, H., & Naq i, S. A.
A. (2025). A No el Machine Lea ning App oach o Da abase Exploi a ion o Enhance
Da abase Secu i y: A Su ey. Spec um o Enginee ing Sciences, 3(2), 26-57.
[123] Jabeen, T., Mehmood, Y., Khan, H., Nasim, M.F. and Naq i, S.A.A., 2025.
Iden i y The and Da a B eaches How S olen Da a Ci cula es on he Da k Web: A
Sys ema ic App oach. Spec um o enginee ing sciences, 3(1), pp.143-161.
[124] Jindal, A., Aujla, G. S., & Kuma , N. (2019). SURVIVOR: A blockchain-based
edge-as-a-se ice amewo k o secu e ene gy ading in SDN-enabled ehicle- o-g id
en i onmen . Compu e Ne wo ks, 153, 36–48. Kho amshahi, M., & Billa d, A. (2019).
A dynamical sys em app oach o ask adap a ion in physical human- obo in e ac ion.
Au onomous Robo s, 43(4), 927–946.
[125] Lin, K., Li, Y., Sun, J., Zhou, D., & Zhang, Q. (2020). Mul i-senso usion o a
body senso ne wo k in a medical human- obo in e ac ion scena io. In o ma ion Fusion,
57, 15–26. Manoga an, G., Baska , S., Hsu, C. H., Kad y, S. N., Sunda aseka , R.,
Kuma , P. M., & Mu hu, B. A. (2021).
[126] Ghabban, F.M.; Al adli, I.M.; Amee bakhsh, O.; AbuAli, A.N.; Al-Dhaqm, A.;
Al-Khasawneh, M.A. Compa a i e analysis o ne wo k o ensic ools and ne wo k
o ensics p ocesses. In P oceedings o he 2021 2nd In e na ional Con e ence on Sma
Compu ing and Elec onic En e p ise (ICSCEE), Came on Highlands, Malaysia, 15–17
June 2021; pp. 78–83. [Google Schola ]
[127] B ei inge , F.; Hilge , J.N.; Ha g ea es, C.; Sheppa d, J.; O e do , R.; Scanlon,
M. DFRWS EU 10-yea e iew and u u e di ec ions in Digi al Fo ensic
Resea ch. Fo ensic Sci. In . Digi . In es ig. 2024, 48, 301685. [Google Schola ]
[C ossRe ]
[128] Nandi a, G.; Munesh Chand a, T. Malicious hos de ec ion and classi ica ion in
cloud o ensics wi h DNN and SFLO app oaches. In . J. Sys . Assu . Eng.
Manag. 2024, 15, 578–590.
[129] Pandey, B.; Pandey, P.; Kulmu a o a, A.; Rzaye a, L. E icien usage o web
o ensics, disk o ensics, and email o ensics in he success ul in es iga ion o
cybe c ime. In . J. In . Technol. 2024, 16, 3815–3824.
[130] Alam, M.N.; Kabi , M.S. Fo ensics in he In e ne o Things: Applica ion Speci ic
In es iga ion Model, Challenges and Fu u e Di ec ions. In P oceedings o he 2023 4 h
In e na ional Con e ence o Eme ging Technology (INCET), Belgaum, India, 26–28
May 2023; pp. 1–6. [Google Schola ]
[131] Zhang, H. Simula ion o ne wo k o ensics model based on wi eless senso
ne wo ks and in e ence echnology. Meas. Sens. 2024, 34, 101261.
[132] Kamble, D.; Ra hod, S.; Bhelande, M.; Shah, A.; Sapkal, P. Co ela ing o ensic
da a o enhanced ne wo k c ime in es iga ions: Techniques o packe sni ing, ne wo k
o ensics, and a ack de ec ion. J. Au on. In ell. 2024, 7, 1272.
[133] Fe ag, M.A.; Ndhlo u, M.; Tihanyi, N.; Co dei o, L.C.; Debbah, M.; Les able,
T.; Thandi, N.S. Re olu ionizing cybe h ea de ec ion wi h la ge language models: A
p i acy-p ese ing be -based ligh weigh model o io /iio de ices. IEEE
h p://am esea ch e iew.com/index.php/Jou nal/abou
Volume 3, Issue 11 (2025)
`
71
40
Access 2024, 12, 23733–23750.
[134] Mena d, P., & Bo , G. J. (2020). Analyzing IOT use s’ mobile de ice p i acy
conce ns: Ex ac ing p i acy pe missions using a disclosu e expe imen . Compu e s &
Secu i y, 95, 101856.