Article
Advanced Network Threat Detection Using Sequential and Convolutional Feature Modeling
The proposed work presents an enhanced network intrusion detection framework based on a hybrid Seq2Seq–ConvLSTM architecture integrated with Gated Recurrent Unit (GRU) and Bidirectional learning mechanisms. Modern network environments generate large volumes of sequential traffic data containing complex temporal and spatial dependencies, making accurate intrusion detection a challenging task. To address these challenges, the proposed model extends the conventional Seq2Seq– ConvLSTM framework by incorporating GRU layers to improve computational efficiency and Bidirectional layers to capture contextual information from both past and future network traffic sequences. The GRU component is employed to reduce the computational complexity associated with traditional recurrent neural networks while maintaining effective long-term dependency learning. Compared with conventional LSTM-based architectures, GRU requires fewer parameters, resulting in faster training and inference times without sacrificing detection accuracy. This enhancement enables the model to process large-scale network traffic efficiently and supports real-time intrusion detection requirements. To further improve feature representation, Bidirectional recurrent layers are integrated into the architecture. The Bidirectional mechanism processes network traffic sequences in both forward and backward directions, allowing the model to learn comprehensive temporal relationships and capture sophisticated attack patterns that may not be effectively identified through unidirectional processing. This capability enhances the detection of complex and evolving cyberattacks, including previously unseen intrusion behaviors. The proposed Bidirectional GRU-Integrated Seq2Seq–ConvLSTM framework combines sequence-to-sequence learning for feature encoding, ConvLSTM layers for spatiotemporal pattern extraction, and Bidirectional GRU layers for enhanced temporal dependency modeling. A Flaskbased web application is developed to provide an interactive platform where users can upload network traffic datasets and obtain intrusion classification results in real time. The system supports automated analysis and visualization of detection outcomes, making it suitable for practical cybersecurity monitoring environments. Experimental evaluation demonstrates that the proposed framework outperforms baseline Seq2Seq– ConvLSTM and Random Forest models across multiple performance metrics, including accuracy, precision, recall, F1-score, and detection latency. The results indicate improved robustness against diverse attack categories while maintaining efficient computational performance. These findings suggest that the proposed Bidirectional GRU-Integrated Seq2Seq–ConvLSTM model offers a reliable, scalable, and effective solution for modern network intrusion detection systems operating in dynamic and security-critical environments.
Full Text Attachment
