Call for Paper - Upcoming Issues

CyberAdaptAI: A Dynamic Ensemble Learning Framework for Real-Time Cyberattack Detection Using AdaptEnsembleNet

International Journal of Electronics and Communication Engineering
© 2025 by SSRG - IJECE Journal
Volume 12 Issue 9
Year of Publication : 2025
Authors : Nagamani Uddamari, P. Sammulal
10.14445/23488549/IJECE-V12I9P102
pdf
How to Cite?

Nagamani Uddamari, P. Sammulal, "CyberAdaptAI: A Dynamic Ensemble Learning Framework for Real-Time Cyberattack Detection Using AdaptEnsembleNet," SSRG International Journal of Electronics and Communication Engineering, vol. 12,  no. 9, pp. 11-31, 2025. Crossref, https://doi.org/10.14445/23488549/IJECE-V12I9P102

Abstract:

Networked systems have been expanding rapidly, and there are cybersecurity challenges that require advanced Intrusion Detection Systems (IDS) to detect sophisticated and evolving threats. However, the more common traditional IDS approaches, including signature-based and classical machine learning methods, usually suffer from a significant drop in performance as they typically cannot adapt well to concept drift and data imbalance and cannot provide enough interpretability [6-9]. In dynamic networks, these challenges prevent faster and accurate detection of new attacks or zero-day attacks. This article presents CyberAdaptAI, a novel hybrid adaptive ensemble learning framework that combines several base classifiers through an efficient drift detection scheme and adaptive weight rebalancing to overcome these limitations [38]. It has also integrated explainability through SHAP-based interpretability, leading to actionable insights for security analysts. The general approach is to apply mini-batch processing of the streaming network data, dynamically tuning the classifier weights based on the most recent performance, concept detection using ADWIN, and a mechanism triggered by concept drift detection to train new models to maintain accuracy. CyberAdaptAI achieves up to 98.1% and 96.8% accuracy on benchmark datasets CIC-IDS2017 and UNSW-NB15, while outperforming state-of-the-art baselines empirically evaluated. Not only does the model recover quickly after encountering drift events, but it is also consistent and stable during batch-wise performance. Besides, cross-dataset evaluations substantiate its robustness and generalization abilities in a heterogeneous network scenario. The solution provided by CyberAdaptAI enables a practical and scalable approach to real-time intrusion detection in complex and evolving cyber environments, relying on adaptability, accuracy, and interpretability. By seamlessly enabling network behaviors of relevance and integrated with transparent decision-making, the framework adds novel support for security operations and threat mitigation, addressing critical gaps in existing IDS methodologies.

Keywords:

Adaptive Intrusion Detection, Ensemble Learning, Concept Drift, Explainable AI, Network Security.

References:

[1] Zhijun Wu et al., “An Incremental Learning Method based on Dynamic Ensemble RVM for Intrusion Detection,” IEEE Transactions on Network and Service Management, vol. 19, no. 1, pp. 671-685, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[2] Huajuan Ren et al., “ADHS-EL: Dynamic Ensemble Learning with Adversarial Augmentation for Accurate and Robust Network Intrusion Detection,” Journal of King Saud University Computer and Information Sciences, vol. 37, pp. 1-25, 2025.
[CrossRef] [Google Scholar] [Publisher Link]
[3] Xinghua Li et al., “Sustainable Ensemble Learning Driving Intrusion Detection Model,” IEEE Transactions on Dependable and Secure Computing, vol. 18, no. 4, pp. 1591-1604, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[4] Farah Jemili, Khaled Jouini, and Ouajdi Korbaa, “Detecting Unknown Intrusions from Large Heterogeneous Data through Ensemble Learning,” Intelligent Systems with Applications, vol. 25, pp. 1-19, 2025.
[CrossRef] [Google Scholar] [Publisher Link]
[5] Methaq A. Shyaa et al., “Reinforcement Learning-Based Voting for Feature Drift-Aware Intrusion Detection: An Incremental Learning Framework,” IEEE Access, vol. 13, pp. 37872-37903, 2025.
[CrossRef] [Google Scholar] [Publisher Link]
[6] Appalaraju Grandhi, and Sunil Kumar Singh, “Interrelated Dynamic Biased Feature Selection and Classification Model using Enhanced Gorilla Troops Optimizer for Intrusion Detection,” Alexandria Engineering Journal, vol. 114, pp. 312-330, 2025. [CrossRef] [Google Scholar] [Publisher Link]
[7] Sydney Mambwe Kasongo, “A Deep Learning Technique for Intrusion Detection System using a Recurrent Neural Networks based Framework,” Computer Communications, vol. 199, pp. 113-125, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[8] Ahmed Abdelkhalek, and Maggie Mashaly, “Addressing the Class Imbalance Problem in Network Intrusion Detection Systems using Data Resampling and Deep Learning,” The Journal of Supercomputing, vol. 79, pp. 10611-10644, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[9] Soumyadeep Hore et al., “A Sequential Deep Learning Framework for a Robust and Resilient Network Intrusion Detection System,” Computers & Security, vol. 144, pp. 1-15, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[10] Mamatha Maddu, and Yamarthi Narasimha Rao, “Network Intrusion Detection and Mitigation in SDN using Deep Learning Models,” International Journal of Information Security, vol. 23, pp. 849-862, 2024.
[CrossRef] [Google Scholar] [Publisher Link]
[11] Nojood O. Aljehane et al., “Golden Jackal Optimization Algorithm with Deep Learning Assisted Intrusion Detection System for Network Security,” Alexandria Engineering Journal, vol. 86, pp. 415-424, 2024.
[CrossRef] [Google Scholar] [Publisher Link]
[12] Khushnaseeb Roshan, Aasim Zafar, and Shiekh Burhan Ul Haque, “Untargeted White-Box Adversarial Attack with Heuristic Defence Methods in Real-Time Deep Learning based Network Intrusion Detection System,” Computer Communications, vol. 218, pp. 97-113, 2024.
[CrossRef] [Google Scholar] [Publisher Link]
[13] Hichem Sedjelmaci, “Cooperative Attacks Detection based on Artificial Intelligence System for 5G Networks,” Computers & Electrical Engineering, vol. 91, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[14] Ahmad Ali AlZubi, Mohammed Al-Maitah, and Abdulaziz Alarifi, “Cyber-Attack Detection in Healthcare Using Cyber-Physical System and Machine Learning Techniques,” Soft Computing, vol. 25, pp. 12319-12332, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[15] Shakila Zaman et al., “Security Threats and Artificial Intelligence Based Countermeasures for Internet of Things Networks: A Comprehensive Survey,” IEEE Access, vol. 9, pp. 94668-94690, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[16] Celestine Iwendi et al., “Sustainable Security for the Internet of Things Using Artificial Intelligence Architectures,” ACM Transactions on Internet Technology, vol. 21, no. 3, pp. 1-22, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[17] Mujaheed Abdullahi et al., “Comparison and Investigation of AI-based Approaches for Cyberattack Detection in Cyber-Physical Systems,” IEEE Access, vol. 12, pp. 31988-32004, 2024.
[CrossRef] [Google Scholar] [Publisher Link]
[18] Aya H. Salem et al., “Advancing Cybersecurity: A Comprehensive Review of AI-driven Detection Techniques,” Journal of Big Data, vol. 11, no. 105, pp. 1-38, 2024.
[CrossRef] [Google Scholar] [Publisher Link]
[19] Muhammad Mudassar Yamin et al., “Weaponized AI for cyber Attacks,” Journal of Information Security and Applications, vol. 57, pp. 1-35, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[20] Kavitha Dhanushkodi, and S. Thejas, “AI Enabled Threat Detection: Leveraging Artificial Intelligence for Advanced Security and Cyber Threat Mitigation,” IEEE Access, vol. 12, pp. 173127-173136, 2024.
[CrossRef] [Google Scholar] [Publisher Link]
[21] T. Sowmya, and E.A. Mary Anita, “A Comprehensive Review of AI based Intrusion Detection System,” Measurement: Sensors, vol. 28, pp. 1-13, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[22] Salwa Alem et al., “A Novel Bi-Anomaly-based Intrusion Detection System Approach for Industry 4.0,” Future Generation Computer Systems, vol. 145, pp. 267-283, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[23] Heng Zeng et al., “Towards a Conceptual Framework for AI-driven Anomaly Detection in Smart City IoT Networks for Enhanced Cybersecurity,” Journal of Innovation & Knowledge, vol. 9, no. 4, pp. 1-12, 2024.
[CrossRef] [Google Scholar] [Publisher Link]
[24] Matthew Baker et al., “Real-Time AI-based Anomaly Detection and Classification in Power Electronics Dominated Grids,” IEEE Journal of Emerging and Selected Topics in Industrial Electronics, vol. 4, no. 2, pp. 549-559, 2023. [CrossRef] [Google Scholar] [Publisher Link]
[25] Monika Vishwakarma, and Nishtha Kesswani, “DIDS: A Deep Neural Network based Real-Time Intrusion Detection System for IoT,” Decision Analytics Journal, vol. 5, pp. 1-9, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[26] Md. Asaduzzaman, and Md. Mahbubur Rahman, “An Adversarial Approach for Intrusion Detection using Hybrid Deep Learning Model,” 2022 International Conference on Information Technology Research and Innovation (ICITRI), Jakarta, Indonesia, pp. 18-23, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[27] Zhibo Zhang et al., “Explainable Artificial Intelligence Applications in Cyber Security: State-of-the-Art in Research,” IEEE Access, vol. 10, pp. 93104-93139, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[28] Ankit Attkan, and Virender Ranga, “Cyber-Physical Security for IoT Networks: A Comprehensive Review on Traditional, Blockchain and Artificial Intelligence,” Complex & Intelligent Systems, vol. 8, pp. 3559-3591, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[29] Marcos V.O. de Assis et al., “Near Real-Time Security System Applied to SDN Environments in IoT Networks using Convolutional Neural Network,” Computers & Electrical Engineering, vol. 86, pp. 1-39, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[30] Norberto Garcia et al., “Distributed Real-Time SlowDoS Attacks Detection over Encrypted Traffic using Artificial Intelligence,” Journal of Network and Computer Applications, vol. 173, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[31] Jalindar Karande, and Sarang Joshi, “Real-Time Detection of Cyber Attacks on the IoT Devices,” 2020 11th International Conference on Computing, Communication and Networking Technologies (ICCCNT), Kharagpur, India, pp. 1-6, 2020. [CrossRef] [Google Scholar] [Publisher Link]
[32] Stefanos Tsimenidis, Thomas Lagkas, and Konstantinos Rantos, “Deep Learning in IoT Intrusion Detection,” Journal of Network and Systems Management, vol. 30, pp. 1-40, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[33] Minh-Quang Tran et al., “Reliable Deep Learning and IoT-Based Monitoring System for Secure Computer Numerical Control Machines against Cyber-Attacks with Experimental Verification,” IEEE Access, vol. 10, pp. 23186-23197, 2022. [CrossRef] [Google Scholar] [Publisher Link]
[34] Mohamed S. Abdalzaher et al., “Toward Secured IoT-Based Smart Systems Using Machine Learning,” IEEE Access, vol. 11, pp. 20827-20841, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[35] Martin Manuel Lopez et al., “Machine Learning for Intrusion Detection: Stream Classification Guided by Clustering for Sustainable Security in IoT,” Proceedings of the Great Lakes Symposium on VLSI 2023, pp. 691-696, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[36] Vanlalruata Hnamte et al., “A Novel Two-Stage Deep Learning Model for Network Intrusion Detection: LSTM-AE,” IEEE Access, vol. 11, pp. 37131-37148, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[37] Jiawei Du et al., “NIDS-CNNLSTM: Network Intrusion Detection Classification Model based on Deep Learning,” IEEE Access, vol. 11, pp. 24808-24821, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[38] Tao Yi et al., “Review on the Application of Deep Learning in Network Attack Detection,” Journal of Network and Computer Applications, vol. 212, pp. 1-15, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[39] Meenal Jain, and Gagandeep Kaur, “Distributed Anomaly Detection using Concept Drift Detection based Hybrid Ensemble Techniques in Streamed Network Data,” Cluster Computing, vol. 24, pp. 2099-2114, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[40] Mahmoud Abbasi et al., “Class Imbalance in Network Traffic Classification: An Adaptive Weight Ensemble-of-Ensemble Learning Method,” IEEE Access, vol. 13, pp. 26171-26192, 2025.
[CrossRef] [Google Scholar] [Publisher Link]
[41] Iman Sharafaldin, Arash Habibi Lashkari, and Ali A. Ghorbani, “Toward Generating a New Intrusion Detection Dataset and Intrusion Traffic Characterization,” Proceedings of the 4th International Conference on Information Systems Security and Privacy (ICISSP), Funchal, Madeira, Portugal, vol. 1, pp. 108-116, 2018.
[CrossRef] [Google Scholar] [Publisher Link]
[42] Nour Moustafa, and Jill Slay, “UNSW-NB15: A Comprehensive Data Set for Network Intrusion Detection Systems (UNSW-NB15 Network Data Set),” 2015 Military Communications and Information Systems Conference (MilCIS), Canberra, ACT, Australia, pp. 1-6, 2015.
[CrossRef] [Google Scholar] [Publisher Link]