Enhancing Intrusion Detection: A Comprehensive Review of Hybrid Machine Learning and Deep Learning Approaches
Abstract
: The growing frequency of attacks and increasing sophistication have brought forth the shortcomings of traditional IDSs, which are incapable of zero-day threat detection and carrying out comparative studies on imbalanced datasets. Challenged with such constraints, the researchers have ended up encouraging the hybridization of ML and DL techniques. ML approaches, which include Decision Trees, Random Forests, and Support Vector Machines, offer interpretability and efficiency, while DL systems, which consist of CNNs, RNNs, and Autoencoders, exhibit superior feature extraction and pattern recognition capabilities. Unlike typical ML systems which heavily rely on manual feature engineering, DL systems require vast amounts of labeled data, the deployment of which is still a challenge due to its computational complexity. Hybrid approaches combine the advantages of representation learning in DL with efficient and interpretable classification by ML. Therefore, this review integrates the state-of-the-art advances in hybrid-based IDS concerning the enhancement of Detection Accuracy, decrease of FP rate, and adaptive behavior to the dynamics of the attack landscapes. Benchmark evaluations on datasets such as NSL-KDD, UNSW-NB15, and CICIDS2017 have shown the hybrid models to be notably successful in balancing between precision, scalability, and real-time considerations. However, challenges in speed traffic handling, explaining, and privacy concerns in distributed environments remain. The future directions encompass researching federated learning, transfer learning, and lightweight architectures toward optimized IDSs for cloud, IoT, and critical infrastructures.
Downloads
Metrics
References
S. D. Kumar, R. Selvakumar, and R. S. Raj, “Intrusion detection system using machine learning techniques and feature selection,” Journal of Ambient Intelligence and Humanized Computing, vol. 11, no. 11, pp. 5709–5722, Nov. 2020.
N. Shone, T. N. Ngoc, V. D. Phai, and Q. Shi, “A deep learning approach to network intrusion detection,” IEEE Transactions on Emerging Topics in Computational Intelligence, vol. 4, no. 2, pp. 127–138, Apr. 2020.
S. Garg, A. Kaur, and N. Kumar, “Hybrid deep learning-based anomaly detection scheme for smart healthcare networks,” IEEE Transactions on Industrial Informatics, vol. 16, no. 8, pp. 5244–5253, Aug. 2020.
H. Choi, M. Kim, G. Lee, and W. Kim, “Unsupervised learning approach for network intrusion detection system using autoencoders,” The Journal of Supercomputing, vol. 76, no. 2, pp. 775–791, Feb. 2020.
M. Ring, S. Wunderlich, D. Grüdl, and A. Hotho, “Flow-based network traffic generation using generative adversarial networks,” Computers & Security, vol. 89, pp. 101659, Feb. 2020.
Javaid, Q. Niyaz, W. Sun, and M. Alam, “A deep learning approach for network intrusion detection system,” Future Generation Computer Systems, vol. 98, pp. 219–231, Sept. 2020.
F. Hodo, X. Bellekens, A. Hamilton, and C. Tachtatzis, “Threat analysis of IoT networks using artificial neural network intrusion detection system,” Procedia Computer Science, vol. 141, pp. 253–259, 2020.
R. Vinayakumar, K. P. Soman, and P. Poornachandran, “Applying convolutional neural network for network intrusion detection,” International Journal of Network Security, vol. 22, no. 2, pp. 231–240, Mar. 2020.
Z. Li, Z. Qin, K. Huang, X. Yang, and S. Ye, “Intrusion detection using convolutional neural networks for representation learning,” Security and Communication Networks, vol. 2020, pp. 1–10, 2020.
M. Zakariah, S. A. AlQahtani, A. M. Alawwad, and A. A. Alotaibi, “Intrusion Detection System with Customized Machine Learning Techniques for NSL-KDD Dataset,” Comput. Mater. Contin., vol. 77, no. 3, pp. 4025–4054, 2023.
Q. Abbas et al., “Optimization of predictive performance of intrusion detection system classifiers,” Appl. Sci., vol. 13, no. 3, pp. 1–20, 2023.
H. M. Rai et al., “The Improved Network Intrusion Detection Techniques,” Mathematics, vol. 12, no. 2, pp. 1–15, 2024.
P. Waghmode et al., “Intrusion detection system based on machine learning and exhaustive feature selection,” Sci. Rep., vol. 14, no. 1, pp. 1–15, 2024.
M. Farhan et al., “Network-based intrusion detection using deep learning and feature reduction,” Sci. Rep., vol. 15, pp. 1–12, 2025
M. Umer et al., “Network intrusion detection model using wrapper-based feature selection,” IEEE Access, vol. 13, pp. 1–15, 2025.
A. A. Amouri et al., “Network intrusion detection and prevention system using hybrid approaches,” Wiley Security J., vol. 14, no. 4, pp. 321–333, 2024.
S. A. Ajagbe et al., “A Comparison Study of Machine Learning Models Using Intrusion Detection Datasets,” SN Comput. Sci., vol. 5, no. 2, pp. 1–15, 2024.
Rachid Tahri, Abdellatif Lasbahani, Abdessamad Jarrar, Youssef Balouki “Intelligent Intrusion Detection Using Decision Trees,” JSJU J. Comput., vol. 12, no. 3, pp. 77–85, 2024.
H. M. Rai et al., “The Improved Network Intrusion Detection Techniques,” Mathematics, vol. 12, no. 2, pp. 1–15, 2024.
M. M. Alhusseini and M. R. F. Derakhshi, “Hybrid AI-Driven Intrusion Detection: Framework and Case Studies,” arXiv preprint arXiv:2503.11234, 2025.
V. K. Pandey et al., “Enhancing intrusion detection in wireless sensor networks using Tabu Search–optimized Random Forest,” Sci. Rep., vol. 15, no. 1, pp. 1–14, 2025.
A. Amouri et al., “Enhancing Intrusion Detection in IoT Environments: An Advanced Ensemble Approach Using Kolmogorov-Arnold Networks,” arXiv preprint arXiv:2405.07123, 2024.
F. S. Alsubaei et al., “Smart deep learning model for enhanced IoT intrusion detection,” Sci. Rep., vol. 15, pp. 1–13, 2025.
M. A. Hossain et al., “Ensuring network security with a robust intrusion detection system,” Future Gener. Comput. Syst., vol. 141, pp. 78–89, 2023.
V. Z. Mohale et al., “Evaluating machine learning-based intrusion detection systems: Comparative performance analysis,” Front. Comput. Sci., vol. 7, pp. 1–12, 2025.
S. Psychogyios et al., “Deep Learning for Intrusion Detection Systems (IDSs) in …,” Future Internet, vol. 16, no. 3, 2024. MDPI
E. C. P. Neto, “Deep learning for intrusion detection in emerging …,” Intell. Serv. & Appl., 2025. SpringerLink
H. M. Rai et al., “LuNet: An optimized LSTM-based deep learning model for anomaly detection,” Sci. Rep., 2025. Nature
E. Li, “SAFE: Masked autoencoder based self-supervised framework for IDS,” arXiv:2502.07119, 2025. arXiv
K. Harshdeep, “DeepTransIDS: Transformer-Based Deep learning Model for IDS,” Comput. Netw. & Security, 2025. ScienceDirect
F. S. Alsubaei, “Smart deep learning model for enhanced IoT intrusion detection,” Sci. Rep., 2025. Nature
Imtiaz, N.; Wahid, A.; Ul Abideen, S.Z.; Muhammad Kamal, M.; Sehito, N.; Khan, S.; Virdee, B.S.; Kouhalvandi, L.; Alibakhshikenari, M. A Deep Learning-Based Approach for the Detection of Various Internet of Things Intrusion Attacks Through Optical Networks. Photonics 2025, 12, 35. https://doi.org/10.3390/photonics12010035
Vikrant Sharma “Hybrid CapsNet + BiLSTM for IDS,” preprint / conference, 2025. ResearchGate
B. A. Manjunatha, “A network intrusion detection framework on sparse deep autoencoders (SDDA),” Soft Comput., 2024. SpringerLink
K. A. Alaghbari, “Deep Autoencoder-Based Integrated Model for Anomaly Detection,” Security, MDPI, 2023. MDPI
I. Koukoulis, “Self-Supervised Transformer-based Contrastive Learning for IDS,” arXiv:2505.08816, 2025. arXiv
F. Ullah, “IDS-INT: Intrusion detection system using transformer-based transfer learning for imbalanced network traffic,” Comput. Netw. J., 2024. ScienceDirect
A. Gueriani, H. Kheddar and A. C. Mazari, "Enhancing IoT Security with CNN and LSTM-Based Intrusion Detection Systems," 2024 6th International Conference on Pattern Analysis and Intelligent Systems (PAIS), EL OUED, Algeria, 2024, pp. 1-7, doi: 10.1109/PAIS62114.2024.10541178.
Qazi, E.U.H.; Faheem, M.H.; Zia, T. HDLNIDS: Hybrid Deep-Learning-Based Network Intrusion Detection System. Appl. Sci. 2023, 13, 4921. https://doi.org/10.3390/app13084921 “
Richard Kimanzi, Peter Kimanga, Dedan Cherori, Patrick K. Gikunda “Deep Learning Algorithms Used in Intrusion Detection” (review), arXiv, 2024. arXiv
M. A. Gulbarga, “Denial of Service (DoS) Identification Using Auto Encoder,” Preprints, 2025. Preprints
M. A. Jahin, “GNN approaches for network intrusion detection,” arXiv:2503.00961, 2025. arXiv
C. Zhang, “Research on Intrusion Detection Method Based on Transformer,” Sensors, MDPI, 2025.
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Shrishti Kumari, Sugandh Singh, Arjun Rajput, Surbhi Karsoliya
This work is licensed under a Creative Commons Attribution 4.0 International License.
IJOSCIENCE follows an Open Journal Access policy. Authors retain the copyright of the original work and grant the rights of publication to the publisher with the work simultaneously licensed under a Creative Commons CC BY License that allows others to distribute, remix, adapt, and build upon your work, even commercially, as long as they credit you for the original creation. Authors are permitted to post their work in institutional repositories, social media or other platforms.
Under the following terms:
-
Attribution — You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use.
- No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits.
