Abstract
The fast-changing nature of cyberattacks, in particular zero-day attacks, puts enormous pressure on the security and robustness of current network infrastructures. Conventional intrusion detection systems (IDS) cannot keep up with changing attack mechanisms and suffer from high false-positive rates. To overcome these deficiencies, this paper presents a Neuro-Hybrid Adaptive Cyber Security Orchestration (NHACO) method that combines different machine learning techniques in an adaptive ensemble framework. The architecture integrates Logistic Regression, K-Nearest Neighbors, Naïve Bayes, Support Vector Machine, Decision Tree, and Random Forest classifiers so that their complementary behavior yields well-balanced intrusion detection. NHACO also integrates a feedback-based retraining strategy and a real-time visualization layer built with Streamlit, enabling adaptive learning of network dynamics and an easy-to-use interface for visual inspection. The model was evaluated using the benchmark KDD Cup 1999 and NSL-KDD datasets and obtained an overall accuracy of 98.46%, with better performance than all single classifiers in precision, recall, and F1-score. Furthermore, the system's low latency and communication overhead demonstrated that it could be deployed in real time in IoT, cloud, and edge environments. The NHACO framework thus offers a promising, intelligent, scalable, and adaptive cybersecurity solution with high accuracy and resilience in monitoring both known and zero-day intrusions.
Keywords: Adaptive Feedback Learning, Cybersecurity, Intrusion Detection System, Machine Learning Ensemble, Neuro-Hybrid Zero-Day Attack Detection.