
AUTHOR(S):

Amjad Jumaah Frhan

 

TITLE

Hybrid Intelligence Learning and Signature-Based Framework for Zero‑Day Malware Intrusion Detection


ABSTRACT

Users' reliance on smart devices is increasing exponentially, and security threats have evolved alongside it, with malware becoming a major threat to users' privacy and security. This malicious software, unlike secure software, is characterized by irregular data movement. Due to the diversity and complexity of these attacks, it has become necessary to develop advanced smart defense methods and increase the cost of protecting computer clouds and communication systems. This research introduces a hybrid ensemble (ML+DL) framework using CNN+BiLSTM, which is systematically assessed against CIC-IDS2017 with an examination of the cost-effectiveness trade-off, in contrast to previous works, which assess only supervised and unsupervised ML systems. Cybersecurity technologies and ensemble data-driven learning techniques are used to develop and improve intrusion detection systems (IDSs) for identifying cyberattacks, using structured data for benign and DDoS classification tasks. The methods employed include supervised classifiers such as KNN, SVM, Random Forest (RF), LightGBM, XGBoost, and HistGradient Boost (HGB), and a mixed neural network (NN) framework (CNN+BiLSTM). The individual deep learning models were combined into an ensemble using averaging methods. The results showed that the Random Forest classifier and the hybrid deep model achieved the highest classification accuracy of 99.9%, while the SVM model achieved the lowest classification accuracy in addition to its longer training time. Furthermore, unsupervised methods, namely K-Means, DBSCAN, and Isolation Forest, were evaluated. The highest intrusion accuracy, 90%, was attained by the Isolation Forest approach. The study demonstrates the effectiveness of CNN+BiLSTM hybrid deep learning designs in intrusion detection, with a 99.9% success rate, and the highest accuracy of 90% for the unsupervised Isolation Forest model.

KEYWORDS

malware intrusion detection, cybersecurity, machine learning, deep learning, malware classification, hybrid learning

 

Cite this paper

Amjad Jumaah Frhan. (2025) Hybrid Intelligence Learning and Signature-Based Framework for Zero‑Day Malware Intrusion Detection. International Journal of Computers, 10, 284-293

 

Copyright © 2025 Author(s) retain the copyright of this article.
This article is published under the terms of the Creative Commons Attribution License 4.0