GCN-LSTM-IDS: ANOMALY-AWARE INTRUSION DETECTION SYSTEM USING INTEGRATED GRAPH CONVOLUTIONAL NETWORKS (GCN) WITH LONG SHORT-TERM MEMORY (LSTM)

Abstract

Intrusion Detection Systems (IDS) are vital in detecting and preventing potential cyber threats in network environments. Traditional IDS models may fail against complex, dynamic attack patterns and high-dimensional network data. In this study, an Anomaly-Aware IDS proposed with the combination of Graph Convolutional Network (GCN) with Long Short-Term Memory (LSTM) to enhance the performances of IDS. The GCN model detects the complex and interdependent relationships between the global network traffic data set elements. At the same time, the LSTM module helps learn spatial and temporal relationships, which detect any successive aberrations in a structure’s behavior over time. Both architectures are integrated to form an advanced framework to detect known and zero-day attacks effectively. Compared with Deep Learning (DL) and traditional Machine Learning (ML) models, it outperforms benchmark IDS datasets, as demonstrated by extensive experiments. Overall, the findings describe a considerable enhancement in these detection metrics with reduced false-positive ratios alongside resilience to adversarial attacks, presenting this novel technique as a significant step forward in intelligent cyber security defense.