AMAT-IDS: Enhanced Multi-Objective Feature Selection with Dynamic Twin Auto-Encoders for Intrusion Detection
Keywords:
Intrusion Detection System, GA-SUS, Dynamic Twin Auto-Encoder, Feature Selection, Class Imbalance, Cybersecurity.Abstract
Intrusion Detection Systems (IDS) are critical for mitigating cyberattacks in modern networks, yet existing approaches often struggle with high-dimensional features, severe class imbalance, and limited adaptability to evolving threats. This study proposes AMAT-IDS, a hybrid framework that integrates Enhanced Genetic Algorithm with Stochastic Universal Sampling (GA-SUS) for multi-objective feature selection and a Dynamic Twin Auto-Encoder (DTAE) for minority class enhancement. The methodology was validated on the NSL-KDD dataset through a three-step pipeline: baseline evaluation with Random Forest, GA-SUS-driven feature reduction, and DTAE-based anomaly detection. Experimental results demonstrate that GA-SUS reduced the feature set from 41 to 11, achieving a 73.2% reduction while retaining high performance (Test Accuracy: 96.49%, CV Mean: 96.55%). The baseline RF model acquired an accuracy of 99.48%. The subsequent DTAE further improved minority class detection, with U2R precision rising from 0.500 to 0.778 and R2L precision from 0.563 to 0.987, though with a minor trade-off in overall accuracy (96.02% vs 96.49% baseline). Cross-validation confirmed the model’s stability (CV Mean: 96.07%, ±0.35). These findings establish AMAT-IDS as a robust, memory-efficient, and interpretable IDS framework. By balancing feature reduction, detection accuracy, and minority class performance, the system addresses critical gaps in dataset dependency, computational overhead, and explainability observed in prior IDS research. The contributions of this work hold significant potential for real-time IoT, cloud, and industrial cyber-physical system security applications.
Downloads
References
M. Mohi-Ud-Din, S. Rubaiee, and F. Masood, “Intrusion detection using hybrid crow search and particle swarm optimization with weighted random forest,” IEEE Access, vol. 11, pp. 76432–76445, 2023. doi: 10.1109/ACCESS.2023.3258179
K. Ganapathy, S. Yuvaraj, R. A. Rao, and R. Ravi, “CIDF-VAWGAN-GOA: A cloud intrusion detection framework integrating variational autoencoders and Wasserstein GANs optimized by gazelle optimization algorithm,” IEEE Transactions on Network and Service Management, vol. 20, no. 4, pp. 4563–4575, Dec. 2023. doi: 10.1109/TNSM.2023.3258974
J. Li, Z. Liu, and Q. Zhang, “AE-IDS: Autoencoder-based intrusion detection with feature selection using random forest,” Applied Soft Computing, vol. 97, p. 106729, Dec. 2020. doi: 10.1016/j.asoc.2020.106729
K. Madhusudhan and M. Madam, “AMV-AE: Multi-wavelet autoencoder integrated with aquila-optimized CNN for intrusion detection in IoT,” PLOS ONE, vol. 20, no. 8, p. e0312345, Aug. 2025. doi: 10.1371/journal.pone.0312345
R. Krishnaveni, A. Kannan, and S. Nandhini, “TwinSec-IDS: A twin ensemble deep learning model for SDN-based ICPS intrusion detection,” PLOS ONE, vol. 19, no. 12, p. e0298762, Dec. 2024. doi: 10.1371/journal.pone.0298762
T. Kil, J. Park, and Y. Kim, “Memory-efficient IDS through multi-binary classifier framework for attack-type specific feature subsets,” Applied Intelligence, vol. 54, no. 8, pp. 8976–8991, Aug. 2024. doi: 10.1007/s10489-023-04689-1
J. Wanjau and C. Kamau, “Ensemble feature selection for intrusion detection using CICIDS2017 dataset,” Egyptian Informatics Journal, vol. 26, no. 2, pp. 213–225, Jun. 2025. doi: 10.1016/j.eij.2025.03.004
A. Christy, M. George, and P. S. Varghese, “MLIDS-RFA: A lightweight intrusion detection system for VANETs using random forest feature selection,” IEEE Internet of Things Journal, vol. 12, no. 14, pp. 16745–16755, Jul. 2025. doi: 10.1109/JIOT.2025.3357891
P. Kotwal, R. Sharma, and S. Gupta, “Hybrid VGG16-autoencoder-random forest model for IoT anomaly detection,” International Journal of Engineering Trends and Technology, vol. 78, no. 3, pp. 112–122, Mar. 2025. doi: 10.14445/22315381/IJET-V78I3P212
P. Senthilkumar, N. Kumaravel, and R. Karthik, “Enhanced feature extraction for cloud IDS using VAWGAN and Archerfish hunting optimization,” Journal of Cloud Computing, vol. 12, no. 1, p. 57, Nov. 2023. doi: 10.1186/s13677-023-00435-7
R. Krishnaveni and A. Kannan, “Explainable AI-based ensemble feature selection for intrusion detection,” Journal of Intelligent & Fuzzy Systems, vol. 40, no. 2, pp. 2689–2701, 2021. doi: 10.3233/JIFS-189034
X. Gao, Y. Wang, B. Guo, and L. Zhu, “A synergistic hybrid model for network intrusion detection combining deep autoencoders and evolutionary optimization,” Expert Systems with Applications, vol. 228, p. 120493, 2025. doi: 10.1016/j.eswa.2025.120493
J. Gao, L. Zhu, B. Guo, and Y. Wang, “Multi-scale feature enhanced detection of foreign object intrusions on railways,” The Journal of Supercomputing, vol. 81, no. 6, pp. 777–795, Apr. 2025. doi: 10.1007/s11227-025-07254-2
W. Wei, S. Chen, Q. Lin, J. Ji, and Y. Hu, “A multi-objective immune algorithm for intrusion feature selection,” Applied Soft Computing, vol. 95, p. 106522, Jul. 2020. doi: 10.1016/j.asoc.2020.106522
M. Umer, M. Tahir, M. Sardaraz, M. Sharif, H. Elmannai, and A. D. Algarni, “Network intrusion detection model using wrapper-based feature selection and multi-head attention transformers,” Scientific Reports, vol. 15, no. 1, p. 28718, Aug. 2025. doi: 10.1038/s41598-025-11348-5
B. A. Manjunatha, K. A. Shastry, E. Naresh, P. K. Pareek, and K. T. Reddy, “A network intrusion detection framework on sparse deep denoising auto-encoder for dimensionality reduction,” Soft Computing, vol. 28, pp. 4503–4517, Nov. 2023. doi: 10.1007/s00500-023-09408-x
M. A. Laamari and N. Kamel, “A new multi-objective binary bat algorithm for feature selection in intrusion detection systems,” Concurrency and Computation: Practice and Experience, vol. 37, no. 4–5, e70000, Feb. 2025. doi: 10.1002/cpe.70000
R. Ji, N. Kumar, and D. Padha, “Hybrid enhanced intrusion detection frameworks for cyber-physical systems via optimal feature selection,” Indian Journal of Science and Technology, vol. 17, no. 30, pp. 3069–3079, Jul. 2024. doi: 10.17485/IJST/v17i30.1794
M. A. Shyaa, N. F. Ibrahim, Z. B. Zainol, R. Abdullah, and M. Anbar, “Reinforcement learning-based voting for feature drift-aware intrusion detection: An incremental learning framework,” IEEE Access, vol. 13, pp. 37872–37885, Jan. 2025. doi: 10.1109/ACCESS.2025.3544221
C. Abana, “Leveraging AutoML for advanced network traffic analysis and intrusion detection by enhancing security with a multi-feature IDS dataset,” Doctor of Engineering Thesis, George Washington Univ., Washington, DC, USA, Aug. 2025. doi: 10.13140/RG.2.2.12374.10567
N. Levi, H. Cohen, and R. Shapira, “Genetic algorithm-enhanced neural networks for intrusion detection,” International Journal of Computer Applications, vol. 183, no. 22, pp. 15–22, Nov. 2025.
Downloads
Published
How to Cite
Issue
Section
License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
All papers should be submitted electronically. All submitted manuscripts must be original work that is not under submission at another journal or under consideration for publication in another form, such as a monograph or chapter of a book. Authors of submitted papers are obligated not to submit their paper for publication elsewhere until an editorial decision is rendered on their submission. Further, authors of accepted papers are prohibited from publishing the results in other publications that appear before the paper is published in the Journal unless they receive approval for doing so from the Editor-In-Chief.
IJISAE open access articles are licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. This license lets the audience to give appropriate credit, provide a link to the license, and indicate if changes were made and if they remix, transform, or build upon the material, they must distribute contributions under the same license as the original.
