Improved CNN-Transformer and SVM Framework for Intrusion Detection

Minyi Jin

doi:10.54097/hdfkzz61

Authors

Minyi Jin

DOI:

https://doi.org/10.54097/hdfkzz61

Keywords:

Internet of Things, Intrusion Detection, Convolutional Neural Network, Transformer, Support Vector Machine

Abstract

Facing the large-scale deployment of Internet of Things in smart homes, smart cities, and industrial scenes, the characteristics of heterogeneous terminals, limited resources, and diverse protocols make it more vulnerable to network attacks such as malicious control, DDoS, and data theft, and an intrusion detection system has become an important aspect of IoT security protection. To cope with the evolution of attack morphology and the complexity of traffic characteristics, this paper proposes an intrusion detection framework, STIF, combining an improved CNN-Transformer model and a support vector machine (SVM). The framework aims to address the problems of insufficient modeling of local details and limited characterization of long-range dependence in traditional convolutional neural networks (CNNs) and Transformers for IoT intrusion detection. In the pre-training section, depthwise separable convolution is introduced to reduce parameter count and computational overhead, and the Transformer decoder’s structure is lightweight and optimized to meet the edge deployment requirements better. In the decision-making section, SVM is used to determine a more robust decision boundary, thereby improving the recognition of minority attacks. The framework is verified on the X-IIoTID dataset, and the experimental results show that the overall detection accuracy reaches 0.9860 and that it effectively identifies small-scale categories.

Downloads

Download data is not yet available.

References

[1] Xu Dongfang, Li Qi, Peng Kaibo. Intrusion detection system based on CNN-BLSTM-XGB [J]. Computer Engineering and Design, 2024, 45(3): 676-683.

[2] Yin Y, Cheng L, Geng L, et al. An effective feature selection method for network intrusion detection based on improved genetic algorithm and recursive feature elimination[J]. Journal of Big Data, 2023, 10(1): 15. DOI:10.1186/s40537-023-00689-w.

[3] Li Jiafeng, Xue Xiao, Wan Jinbin, et al. research on network intrusion detection method of industrial control system based on CNN-LSTM-Attention [J]. Thermal Power Generation, 2024,53 (5): 61-70. doi: 10.19666/J. rlfd.20016.00000000106

[4] Süzen A A. A multi-level hybrid-DBN based intrusion detection system for IoT networks[J]. IET Communications, 2021, 15(12): 1575-1587.

[5] Yang Xiaowen, Cui Zewen, Ma Yulin. Attention-based intrusion detection method using CNN-BiGRU[J]. Information Security Research, 2024, 10(3): 202-208.

[6] Isong B, Kgote O, Abu-Mahfouz A. Insights into Modern Intrusion Detection Strategies for Internet of Things Ecosystems[J]. Electronics, 2024, 13(12): 2370. DOI: 10. 3390/ electronics13122370.

[7] Howard A G, Zhu M, Chen B, et al. MobileNets: Efficient Convolutional Neural Networks for Mobile Vision Applications [EB/OL]. arXiv:1704.04861, 2017.

[8] Vaswani A, Shazeer N, Parmar N, et al. Attention is all you need[C]//Proceedings of the 31st International Conference on Neural Information Processing Systems. 2017: 6000-6010.

[9] Cervantes J, García-Lamont F, Rodríguez-Mazahua L, et al. A comprehensive survey on support vector machine classification: Applications, challenges and trends[J]. Neurocomputing, 2020, 408: 189-215. DOI:10.1016/j.neucom.2019.10.118.

[10] Long Z, Yan H, Shen G, et al. A Transformer-based network intrusion detection approach for cloud security[J]. Journal of Cloud Computing, 2024, 13: 5. DOI:10.1186/s13677-023-005 74-9.

[11] De Keersmaeker F, Cao Y, Ndonda G K, et al. A Survey of Public IoT Datasets for Network Security Research[J]. IEEE Communications Surveys & Tutorials, 2023, 25(3): 1808-1840. DOI:10.1109/COMST.2023.3288942.

[12] Ahmad Z, Shahid Khan A, Wai Shiang C, et al. Network intrusion detection system: A systematic study of machine learning and deep learning approaches[J]. Transactions on Emerging Telecommunications Technologies, 2021, 32(1): e4150. DOI:10.1002/ett.4150.

[13] Rahman M M, Al Shakil S, Mustakim M R. A survey on intrusion detection systems in IoT networks[J]. Cyber Security and Applications, 2025, 3: 100082. DOI:10. 1016/j. csa. 2024. 100082.

[14] Kheddar H. Transformers and large language models for efficient intrusion detection systems: A comprehensive survey [J]. Information Fusion, 2025, 124: 103347. DOI:10. 1016/ j.inffus.2025.103347.

[15] Han K, Wang Y, Chen H, et al. A survey on vision transformer[J]. IEEE Transactions on Pattern Analysis and Machine Intelligence, 2022, 45(1): 87-110.

[16] Wang H, Li G, Wang Z. Fast support vector machine classifier for large-scale problems[J]. Information Sciences, 2023, 642: 119136. DOI:10.1016/j.ins.2023.119136.

[17] Rainio O, Teuho J, Klén R. Evaluation metrics and statistical tests for machine learning[J]. Scientific Reports, 2024, 14: 6086. DOI:10.1038/s41598-024-56706-x.

[18] Al-Hawawreh M, Sitnikova E, Aboutorab N. X-IIoTID: A connectivity-agnostic and device-agnostic intrusion dataset for industrial internet of things[J]. IEEE Internet of Things Journal, 2022, 9(5): 3962-3977. DOI:10.1109/JIOT.2021.3102056.