Abstract
Adaptive-NIDS is an AI-powered hybrid Network Intrusion Detection System designed to overcome the limitations of static signature-based defenses and adapt to the evolving landscape of modern cyber threats. The platform enables the robust detection of both known vulnerabilities and novel "zero-day" attacks by strategically fusing comprehensive public benchmarks with high-fidelity, real-world attack data. Leveraging a Transfer Learning methodology and high-performance XGBoost algorithms, Adaptive-NIDS integrates the broad baseline knowledge from the CIC-IDS-2017 dataset with specialized, modern threat intelligence captured from a cloud-deployed T-Pot honeynet. Built on Google Cloud Platform for scalable honeypot deployment and the ELK stack for centralized log aggregation, the system provides automated feature engineering, seamless data unification and high-speed threat classification. Security analysts gain access to a refined, adaptive model in which network flows are rigorously analyzed, significantly reducing false positives while maintaining high sensitivity to active attacker Tactics, Techniques and Procedures (TTPs). The platform supports advanced features such as flow-based traffic representation, cross-domain feature alignment and real-time behavioral analysis. Designed for dynamic enterprise environments, Adaptive-NIDS enhances network visibility, minimizes alert fatigue, accelerates threat identification and enables a proactive, data-driven security posture. This paper presents the motivation, architecture, methodology, evaluation and future developments of Adaptive-NIDS.

Keywords: Transfer Learning, AI-based NIDS, T-Pot Honeynet, XGBoost, CIC-IDS-2017, Google Cloud Platform, hybrid intrusion detection, network flow analysis, zero-day threat detection
Copyright
Copyright © 2025 Sanjay Krishna, Arun, Dhanush, Gowtham, Jenish, Jothi Prakash. This is an open access article distributed under the Creative Commons Attribution License.