AI-Enhanced Intrusion Detection: Integrating Expert Knowledge and Machine Learning for Enterprise Networks

Document Type : Research Paper

Authors

1 Assistant Prof., Signal and Communication Laboratory, Department of Electronics, National Polytechnic School, Algeria

2 Prof., Signal and Communication Laboratory, Department of Electronics, National Polytechnic School, Algeria.

3 Assistant Prof., Laboratoire de la Communication dans les Systèmes Informatiques, Ecole Nationale Supérieure d’Informatique, BP 68M, 16309, Oued-Smar, Alger, Algérie.

DOI: 10.22059/jitm.2025.105485

Abstract

Enterprise networks, as the backbone of modern information systems, are increasingly exposed to sophisticated and rapidly evolving cyber threats. Traditional Intrusion Detection Systems (IDS), based on static attack signatures, often fail to detect novel or complex intrusions, resulting in high false alarm rates. This study proposes an intelligent IDS that leverages Machine Learning and Deep Learning techniques to significantly improve detection accuracy and reduce alert noise. The system is capable of classifying attacks by severity and provides an intuitive interface to support efficient threat monitoring. Beyond technical performance, the solution addresses managerial objectives by lowering maintenance costs, enhancing service quality, accelerating incident response, and ensuring high availability with straightforward deployment. The proposed model offers a scalable and resilient IDS tailored for enterprise environments, contributing both practical and strategic value in the fight against increasingly sophisticated cyberattacks.
