• Network intrusion detection us...

Treffer: Network intrusion detection using a hybrid graph-based convolutional network and transformer architecture.

Title:
Network intrusion detection using a hybrid graph-based convolutional network and transformer architecture.
Authors:
Appiahene P; Department of Information Technology and Decision Sciences, University of Energy and Natural Resources, Sunyani, Ghana., Berchie SO; Department of Information Technology and Decision Sciences, University of Energy and Natural Resources, Sunyani, Ghana., Botchway E; Department of Information Technology and Decision Sciences, University of Energy and Natural Resources, Sunyani, Ghana., Ayitey MJ; Department of Information Technology and Decision Sciences, University of Energy and Natural Resources, Sunyani, Ghana., Dawson JK; Department of Computer Science, Sunyani Technical University, Sunyani, Ghana., Mettle HN; Department of Information Technology and Decision Sciences, University of Energy and Natural Resources, Sunyani, Ghana., Afrifa S; Department of Information Technology and Decision Sciences, University of Energy and Natural Resources, Sunyani, Ghana.
Source:
PloS one [PLoS One] 2026 Jan 21; Vol. 21 (1), pp. e0340997. Date of Electronic Publication: 2026 Jan 21 (Print Publication: 2026).
Publication Type:
Journal Article
Language:
English
Journal Info:
Publisher: Public Library of Science Country of Publication: United States NLM ID: 101285081 Publication Model: eCollection Cited Medium: Internet ISSN: 1932-6203 (Electronic) Linking ISSN: 19326203 NLM ISO Abbreviation: PLoS One Subsets: MEDLINE
Imprint Name(s):
Original Publication: San Francisco, CA : Public Library of Science
MeSH Terms:
Neural Networks, Computer* , Computer Security* , Cloud Computing*, Deep Learning ; Algorithms ; Humans ; Machine Learning
Entry Date(s):
Date Created: 20260121 Date Completed: 20260121 Latest Revision: 20260121
Update Code:
20260122
DOI:
10.1371/journal.pone.0340997
PMID:
41564087
Database:
MEDLINE

Weitere Informationen

Cloud computing continues to expand rapidly due to its ability to provide internet-hosted services, including servers, databases, and storage. However, this growth increases exposure to sophisticated intrusion attacks that can evade traditional security mechanisms such as firewalls. As a result, network intrusion detection systems (NIDS) enhanced with machine learning and deep learning have become increasingly important. Despite notable advancements, many AI-based intrusion detection models remain limited by their dependence on extensive, high-quality attack datasets and their insufficient capacity to capture complex, dynamic patterns in distributed cloud environments. This study presents a hybrid intrusion detection model that combines a graph convolutional layer and a transformer encoder layer to form deep neural network architecture. Using the CIC-IDS 2018 dataset, tabular network traffic data was transformed into computational graphs, enabling the model called "GConvTrans" to leverage both local structural information and global context through graph convolutional layers and multi-head self-attention mechanisms, respectively. Experimental evaluation shows that the proposed GConvTrans obtained 84.7%, 96.75% and 96.94% accuracy on the training, validation and testing set respectively. These findings demonstrate that combining graph learning techniques with standard deep learning methods can be robust for detecting complex network intrusion. Further research would explore other datasets, continue refining the proposed architecture and its hyperparameters. Another future research direction for this work is to analyze the architecture on other graph learning tasks such as link prediction.
(Copyright: © 2026 Appiahene et al. This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.)

The authors have declared that no competing interests exist.