Next-Generation IDS: Leveraging Transformer and Hybrid Deep Architectures for Robust Cyber Threat Detection

Abstract

As technology advances, so do the risks to cybersecurity. Host-based Intrusion Detection Systems (HIDS) are vital for recognizing and controlling cyberattacks and harmful actions within the operating system. Although traditional HIDS have their merits, they face issues with feature engineering, sequencing noise, and limited generalization to new attack patterns. This paper presents a new deep learning-based HIDS architecture that uses transformer networks for intrusion detection over system call sequences. We demonstrate the ability of transformers on system call sequences and their recognition of long-range dependencies and contextual patterns, designed for next-generation intrusion detection systems. The proposed approach opens up promising directions for building intelligent, context-aware, and robust host-based IDSs. The models were extensively evaluated on the benchmark datasets AWSCTD and NGIDS. The comparison demonstrated the effectiveness of Transformer-based approaches over LSTM, BLSTM, and hybrid CNN-LSTM variants when tested under identical experimental conditions.