Search for Articles:
International Journal of Computer Network and Information Security (IJCNIS)

IJCNIS Vol. 18, No. 1, 8 Feb. 2026

Cover page and Table of Contents: PDF (size: 535KB)

MECS Press Journal

A Comparative Analysis of Deep Learning Architecture for Early Detection of DoS/DDoS Patterns in Network Traffic Using Intrusion Detection Systems

PDF (535KB), PP.131-141

Views: 0 Downloads: 0

Author(s)

Andreas Handojo 1,* Marvel Wilbert Odelio 1 Nico Alexandre Kurniawan 1 Dillan Engelbert Hendrarto 1 Matthew Timothy Handoyo 2

1. Informatics Department, Petra Christian University, Surabaya, Indonesia

2. Business Management Department, National Tsing Hua University, Hsinchu, Taiwan, China

* Corresponding author.

DOI: https://doi.org/10.5815/ijcnis.2026.01.09

Received: 2 Sep. 2025 / Revised: 18 Oct. 2025 / Accepted: 24 Nov. 2025 / Published: 8 Feb. 2026

Index Terms

Intrusion Detection System, Deep Learning, Denial of Service, Convolutional Neural Network, Long Short-Term Memory

Abstract

Advanced intrusion detection systems are required due to the quick uptake of cloud computing and the growing complexity of cyber threats, especially Denial of Service and Distributed Denial of Service attacks. Deep learning architectures are becoming more popular because traditional IDS techniques frequently falter in dynamic, large-scale settings. Using datasets including CICIDS2017, NSL-KDD, and UNSW-NB15, this paper assesses the effectiveness of well-known DL architectures for intrusion detection, including Convolutional Neural Network, Recurrent Neural Networks, Long Short-Term Memory, and others. Key performance indicators such as accuracy, precision, and false positive rates are examined to compare the efficacy of these models. The findings show that some designs, like ResNet and Self-Organizing Map, perform well in structured environments but poorly on complicated datasets like KDDTest-21. Another important data gap highlighting the need for more research in this area is that most models do not automatically adjust to unexpected threats. This work aids in the creation of intelligent, scalable systems for changing network environments by evaluating the efficacy of DL-based IDS solutions.

Cite This Paper

Andreas Handojo, Marvel Wilbert Odelio, Nico Alexandre Kurniawan, Dillan Engelbert Hendrarto, Matthew Timothy Handoyo, "A Comparative Analysis of Deep Learning Architecture for Early Detection of DoS/DDoS Patterns in Network Traffic Using Intrusion Detection Systems", International Journal of Computer Network and Information Security(IJCNIS), Vol.18, No.1, pp.131-141, 2026. DOI:10.5815/ijcnis.2026.01.09

Reference

[1]D. S. Berman, A. L. Buczak, J. S. Chavis and C. L. Corbett, “A Survey of Deep Learning Methods for Cyber Security,” Information, vol. 10, no. 4, Art. no. 4, Apr. 2019, doi: 10.3390/info10040122.
[2]J. Lansky et al., “Deep Learning-Based Intrusion Detection Systems: A Systematic Review,” IEEE Access, vol. 9, pp. 101574–101599, 2021, doi: 10.1109/ACCESS.2021.3097247.
[3]I. H. Sarker, “Deep Cybersecurity: A Comprehensive Overview from Neural Network and Deep Learning Perspective,” SN Comput. Sci., vol. 2, no. 3, p. 154, Mar. 2021, doi: 10.1007/s42979-021-00535-6.
[4]“What is a denial-of-service (DoS) attack?” Accessed: Nov. 27, 2024. [Online]. Available: https://www.cloudflare.com/learning/ddos/glossary/denial-of-service/
[5]“AI vs. Machine Learning vs. Deep Learning vs. Neural Networks | IBM.” Accessed: Nov. 27, 2024. [Online]. Available: https://www.ibm.com/think/topics/ai-vs-machine-learning-vs-deep-learning-vs-neural-networks
[6]A. B. Nassif, I. Shahin, I. Attili, M. Azzeh and K. Shaalan, “Speech Recognition Using Deep Neural Networks: A Systematic Review,” IEEE Access, vol. 7, pp. 19143–19165, 2019, doi: 10.1109/ACCESS.2019.2896880.
[7]C.S. Shieh, T.T. Nguyen, M.F. Horng, “Detection of Unknown DDoS Attack Using Convolutional Neural Networks Featuring Geometrical Metric,”Mathematics, 2023, 11(9), 2145, doi: 10.3390/math11092145  
[8] A. H. Halbouni, T. S. Gunawan, M. Halbouni, F. A. A. Assaig, M. R. Effendi and N. Ismail, “CNN-IDS: Convolutional Neural Network for Network Intrusion Detection System,” International Conference on Wireless and Telematics, 2022, pp. 1–4. doi: 10.1109/ICWT55831.2022.9935478.
[9] L. Yang and A. Shami, “A Transfer Learning and Optimized CNNBased Intrusion Detection System for Internet of Vehicles,” IEEE International Conference on Communications, 2022, pp. 2774–2779. doi: 10.1109/ICC45855.2022.9838780.
[10]M. Ibrahim and R. Elhafiz, “Modeling an intrusion detection using recurrent neural networks,” J. Eng. Res., vol. 11, no. 1, p. 100013, Mar. 2023, doi: 10.1016/j.jer.2023.100013.
[11]D. M. Brandão Lent, M. P. Novaes, L. F. Carvalho, J. Lloret, J. J. P. C. Rodrigues and M. L. Proença, "A Gated Recurrent Unit Deep Learning Model to Detect and Mitigate Distributed Denial of Service and Portscan Attacks," IEEE Access, vol. 10, pp. 73229-73242, 2022, doi: 10.1109/ACCESS.2022.3190008.
[12]O. Belarbi, A. Khan, P. Carnelli and T. Spyridopoulos, “An Intrusion Detection System Based on Deep Belief Networks. In: Su, C., Sakurai, K., Liu, F. Lecture Notes in Computer Science, 2022, vol 13580. Springer, Cham. https://doi.org/10.1007/978-3-031-17551-0_25
[13]M. Rafiee and A. Shirmarz, “Self-Organization Map (SOM) Algorithm for DDoS Attack Detection in Distributed Software Defined Network (D-SDN),” J. Inf. Syst. Telecommun, vol. 2, no. 38, p. 120, Apr. 2022, doi: 10.52547/jist.15644.10.38.120.
[14]G. S. Kushwah and V. Ranga, “Optimized extreme learning machine for detecting DDoS attacks in cloud computing,” Comput. Secur., vol. 105, p. 102260, Jun. 2021, doi: 10.1016/j.cose.2021.102260.
[15]D. M. Rajan and D. J. Aravindhar, “Detection and Mitigation of DDOS Attack in SDN Environment Using Hybrid CNN-LSTM,” Migration Letters, 2023, Vol. 20, No. S13, doi: 10.59670/ml.v20iS13.6472.
[16]A. Sanmorino, L. Marnisah and H. D. Kesuma, “Detection of DDoS Attacks using Fine-Tuned Multi-Layer Perceptron Models,” Eng. Technol. Appl. Sci. Res., vol. 14, no. 5, Art. no. 5, Oct. 2024, doi: 10.48084/etasr.8362.
[17]A. Alfatemi, M. Rahouti, R. Amin, S. ALJamal, K.Xiong, Y.Xin, “Advancing DDoS Attack Detection: A Synergistic Approach Using Deep Residual Neural Networks and Synthetic Oversampling.” Accessed: Nov. 28, 2024. arXiv, 2024. doi: 10.48550/arXiv.2401.03116
[18]“IDS 2017 | Datasets | Research | Canadian Institute for Cybersecurity | UNB.” Accessed: Nov. 27, 2024. [Online]. Available: https://www.unb.ca/cic/datasets/ids-2017.html
[19]N. Moustafa and J. Slay, “UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set),” Military Communications and Information Systems Conference, 2015, pp. 1–6. doi: 10.1109/MilCIS.2015.7348942.
[20]M. Ozkan-Okay, R. Samet, Ö. Aslan and D. Gupta, “A Comprehensive Systematic Literature Review on Intrusion Detection Systems,” IEEE Access, vol. 9, pp. 157727–157760, 2021, doi: 10.1109/ACCESS.2021.3129336.
[21]A. Kumar, “Accuracy, Precision, Recall & F1-Score - Python Examples,” Analytics Yogi. Accessed: Nov. 27, 2024. [Online]. Available: https://vitalflux.com/accuracy-precision-recall-f1-score-python-example/
[22]S. Sindian and S. Sindian, “An Enhanced Deep Autoencoder-based Approach for DDoS Attack Detection.” WSEAS Transactions on Systems and Control, Vol 15, 2020, pp. 716-724, doi: 10.37394/23203.2020.15.72

Subscribe to receive issue release notifications and newsletters from MECS Press journals