Search Icon
2027 Submissions

TIPSO-GAN: Malicious Network Traffic Detection Using a Novel Optimized Generative Adversarial Network

Ernest Akpaku (School of Computer Science and Communication Engineering, Jiangsu University), Jinfu Chen (School of Computer Science and Communication Engineering, Jiangsu University), Joshua Ofoeda (University of Professional Studies, Accra)

Detecting advanced cyber threats, particularly zero-day vulnerabilities, poses significant challenges in network security. This paper presents TIPSO-GAN, an optimized Generative Adversarial Network (GAN) for detecting malicious traffic. TIPSO-GAN addresses common GAN-based intrusion detection system (IDS) issues, such as training instability and mode collapse, by framing GAN training as a swarm optimization problem, harnessing collective intelligence for complex optimization. To enhance Particle Swarm Optimization (PSO), TIPSO- GAN employs three strategies: (1) adaptive inertia weights for a balance of exploration and exploitation, (2) a diversity preservation strategy to prevent premature convergence, and (3) a feedback loop to reinitialize stagnant particles. TIPSO-GAN integrates transfer learning with a Temporal-Decaying Multi- Head Self-Attention mechanism to prioritize recent features, aiding in unseen malicious traffic detection. A combination of reconstruction loss and focal loss in the objective function further ensures realistic normal samples while focusing on challenging malicious samples. Across CIC-IDS2018, CICAPT-IIoT2024, and CIC-DDoS2019, TIPSO-GAN achieves 99.1±0.1, 98.9±0.1, and 98.7±0.1 F1, outperforming the strongest baseline by 0.2–1.0 F1 and exceeding transformer IDS models. On CICAPT-IIoT2024, it reaches 0.999±0.002 macro PR-AUC, ahead of the next best method (0.960±0.005). Under strict zero-day evaluations, TIPSO-GAN attains 92.3 F1 in LOFO tests and 79–83 F1 in cross-dataset experiments while maintaining recall above 0.80. Despite PSO-enhanced training, TIPSO-GAN maintains 0.42 ms latency, ∼2400 flows/s throughput, and a 2.1 GB footprint, with stable performance up to $10^{8}$ flows. Our code is accessible at https://github.com/osampas27/tipsoganmod.

Paper

View More Papers

PortRush: Detect Write Port Contention Side-Channel Vulnerabilities via Hardware...

Peihong Lin (National University of Defense Technology), Pengfei Wang (National University of Defense Technology), Lei Zhou (National University of Defense Technology), Gen Zhang (National University of Defense Technology), Xu Zhou (National University of Defense Technology), Wei Xie (National University of Defense Technology), Zhiyuan Jiang (National University of Defense Technology), Kai Lu (National University of Defense…

Read More

BSFuzzer: Context-Aware Semantic Fuzzing for BLE Logic Flaw Detection

Ting Yang (Xidian University and Kanazawa University), Yue Qin (Central University of Finance and Economics), Lan Zhang (Northern Arizona University), Zhiyuan Fu (Hainan University), Junfan Chen (Hainan University), Jice Wang (Hainan University), Shangru Zhao (University of Chinese Academy of Sciences), Qi Li (Tsinghua University), Ruidong Li (Kanazawa University), He Wang (Xidian University), Yuqing Zhang (University…

Read More

CatBack: Universal Backdoor Attacks on Tabular Data via Categorical...

Behrad Tajalli (Radboud University), Stefanos Koffas (Delft University of Technology), Stjepan Picek (Radboud University)

Read More