{"id":"https://openalex.org/W4411949296","doi":"https://doi.org/10.1109/access.2025.3585445","title":"Adaptive Defense: Zero-Day Attack Detection in NIDS With Deep Reinforcement Learning","display_name":"Adaptive Defense: Zero-Day Attack Detection in NIDS With Deep Reinforcement Learning","publication_year":2025,"publication_date":"2025-01-01","ids":{"openalex":"https://openalex.org/W4411949296","doi":"https://doi.org/10.1109/access.2025.3585445"},"language":"en","primary_location":{"id":"doi:10.1109/access.2025.3585445","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2025.3585445","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1109/access.2025.3585445","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5054824661","display_name":"Khorshed Alam","orcid":"https://orcid.org/0009-0004-8040-8598"},"institutions":[{"id":"https://openalex.org/I31669788","display_name":"Independent University, Bangladesh","ror":"https://ror.org/05qbbf772","country_code":"BD","type":"education","lineage":["https://openalex.org/I31669788"]}],"countries":["BD"],"is_corresponding":false,"raw_author_name":"Khorshed Alam","raw_affiliation_strings":["Department of Computer Science and Engineering (CSE), Independent University at Bangladesh, Dhaka, Bangladesh","Department of Computer Science and Engineering (CSE), Independent University, Bangladesh"],"raw_orcid":"https://orcid.org/0009-0004-8040-8598","affiliations":[{"raw_affiliation_string":"Department of Computer Science and Engineering (CSE), Independent University at Bangladesh, Dhaka, Bangladesh","institution_ids":["https://openalex.org/I31669788"]},{"raw_affiliation_string":"Department of Computer Science and Engineering (CSE), Independent University, Bangladesh","institution_ids":["https://openalex.org/I31669788"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5053321410","display_name":"Md Fahad Monir","orcid":"https://orcid.org/0009-0003-4874-9520"},"institutions":[{"id":"https://openalex.org/I31669788","display_name":"Independent University, Bangladesh","ror":"https://ror.org/05qbbf772","country_code":"BD","type":"education","lineage":["https://openalex.org/I31669788"]},{"id":"https://openalex.org/I859038795","display_name":"Virginia Tech","ror":"https://ror.org/02smfhw86","country_code":"US","type":"education","lineage":["https://openalex.org/I859038795"]}],"countries":["BD","US"],"is_corresponding":false,"raw_author_name":"Md Fahad Monir","raw_affiliation_strings":["Department of Computer Science and Engineering (CSE), Independent University at Bangladesh, Dhaka, Bangladesh","Department of Electrical and Computer Engineering, Virginia Tech, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Science and Engineering (CSE), Independent University at Bangladesh, Dhaka, Bangladesh","institution_ids":["https://openalex.org/I31669788"]},{"raw_affiliation_string":"Department of Electrical and Computer Engineering, Virginia Tech, USA","institution_ids":["https://openalex.org/I859038795"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5082672531","display_name":"Md Junayed Hossain","orcid":"https://orcid.org/0000-0001-6781-9609"},"institutions":[{"id":"https://openalex.org/I31669788","display_name":"Independent University, Bangladesh","ror":"https://ror.org/05qbbf772","country_code":"BD","type":"education","lineage":["https://openalex.org/I31669788"]}],"countries":["BD"],"is_corresponding":false,"raw_author_name":"Md Junayed Hossain","raw_affiliation_strings":["Department of Computer Science and Engineering (CSE), Independent University at Bangladesh, Dhaka, Bangladesh","Department of Computer Science and Engineering (CSE), Independent University, Bangladesh"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Science and Engineering (CSE), Independent University at Bangladesh, Dhaka, Bangladesh","institution_ids":["https://openalex.org/I31669788"]},{"raw_affiliation_string":"Department of Computer Science and Engineering (CSE), Independent University, Bangladesh","institution_ids":["https://openalex.org/I31669788"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5026120010","display_name":"Mohammad Shorif Uddin","orcid":"https://orcid.org/0000-0002-7184-2809"},"institutions":[{"id":"https://openalex.org/I46080048","display_name":"Jahangirnagar University","ror":"https://ror.org/04ywb0864","country_code":"BD","type":"education","lineage":["https://openalex.org/I46080048"]}],"countries":["BD"],"is_corresponding":false,"raw_author_name":"Mohammad Shorif Uddin","raw_affiliation_strings":["Department of Computer Science and Engineering, Jahangirnagar University, Dhaka, Bangladesh"],"raw_orcid":"https://orcid.org/0000-0002-7184-2809","affiliations":[{"raw_affiliation_string":"Department of Computer Science and Engineering, Jahangirnagar University, Dhaka, Bangladesh","institution_ids":["https://openalex.org/I46080048"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5004962306","display_name":"Md. Tarek Habib","orcid":"https://orcid.org/0000-0001-5009-6459"},"institutions":[{"id":"https://openalex.org/I31669788","display_name":"Independent University, Bangladesh","ror":"https://ror.org/05qbbf772","country_code":"BD","type":"education","lineage":["https://openalex.org/I31669788"]}],"countries":["BD"],"is_corresponding":false,"raw_author_name":"Md. Tarek Habib","raw_affiliation_strings":["Department of Computer Science and Engineering (CSE), Independent University at Bangladesh, Dhaka, Bangladesh","Department of Computer Science and Engineering (CSE), Independent University, Bangladesh"],"raw_orcid":"https://orcid.org/0000-0001-5009-6459","affiliations":[{"raw_affiliation_string":"Department of Computer Science and Engineering (CSE), Independent University at Bangladesh, Dhaka, Bangladesh","institution_ids":["https://openalex.org/I31669788"]},{"raw_affiliation_string":"Department of Computer Science and Engineering (CSE), Independent University, Bangladesh","institution_ids":["https://openalex.org/I31669788"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":{"value":1850,"currency":"USD","value_usd":1850},"apc_paid":{"value":1850,"currency":"USD","value_usd":1850},"fwci":15.5129,"has_fulltext":false,"cited_by_count":14,"citation_normalized_percentile":{"value":0.99048818,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":98,"max":100},"biblio":{"volume":"13","issue":null,"first_page":"116345","last_page":"116361"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9959999918937683,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.9943000078201294,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/reinforcement-learning","display_name":"Reinforcement learning","score":0.7223250865936279},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6724740862846375},{"id":"https://openalex.org/keywords/zero","display_name":"Zero (linguistics)","score":0.5197746157646179},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4279128313064575},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.4158977270126343}],"concepts":[{"id":"https://openalex.org/C97541855","wikidata":"https://www.wikidata.org/wiki/Q830687","display_name":"Reinforcement learning","level":2,"score":0.7223250865936279},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6724740862846375},{"id":"https://openalex.org/C2780813799","wikidata":"https://www.wikidata.org/wiki/Q3274237","display_name":"Zero (linguistics)","level":2,"score":0.5197746157646179},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4279128313064575},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.4158977270126343},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/access.2025.3585445","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2025.3585445","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:56cabc39994d4575bdf07661ef2af658","is_oa":true,"landing_page_url":"https://doaj.org/article/56cabc39994d4575bdf07661ef2af658","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Access, Vol 13, Pp 116345-116361 (2025)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1109/access.2025.3585445","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2025.3585445","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/13","display_name":"Climate action","score":0.6100000143051147}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":35,"referenced_works":["https://openalex.org/W2807786182","https://openalex.org/W3037958117","https://openalex.org/W3093410479","https://openalex.org/W3102359135","https://openalex.org/W3185244527","https://openalex.org/W3211805421","https://openalex.org/W4200041707","https://openalex.org/W4214699222","https://openalex.org/W4285147178","https://openalex.org/W4285235284","https://openalex.org/W4311416422","https://openalex.org/W4312384107","https://openalex.org/W4323038898","https://openalex.org/W4387428699","https://openalex.org/W4387587680","https://openalex.org/W4390811138","https://openalex.org/W4391481781","https://openalex.org/W4392018820","https://openalex.org/W4392174755","https://openalex.org/W4393079152","https://openalex.org/W4393099969","https://openalex.org/W4396731583","https://openalex.org/W4396856468","https://openalex.org/W4396919244","https://openalex.org/W4396982193","https://openalex.org/W4399095601","https://openalex.org/W4399851502","https://openalex.org/W4399852241","https://openalex.org/W4399915572","https://openalex.org/W4401326431","https://openalex.org/W4402633818","https://openalex.org/W4402789060","https://openalex.org/W4403445983","https://openalex.org/W4403605016","https://openalex.org/W4404739899"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W2390279801","https://openalex.org/W4306904969","https://openalex.org/W4391913857","https://openalex.org/W2358668433","https://openalex.org/W4396701345","https://openalex.org/W2138720691","https://openalex.org/W2376932109"],"abstract_inverted_index":{"Zero-Day":[0,50],"attack":[1,17,51,83,110,142,161],"detection":[2],"in":[3,99,154,210,217],"Network":[4],"Intrusion":[5],"Detection":[6],"Systems":[7],"(NIDS)":[8],"refers":[9],"to":[10,13,59,73,132,137],"the":[11,61,65,75,81,93,148,155,189],"ability":[12],"identify":[14],"previously":[15],"unseen":[16,169],"patterns":[18],"during":[19,170],"testing":[20],"without":[21],"having":[22],"been":[23],"explicitly":[24],"trained":[25],"on":[26,188],"those":[27,160],"specific":[28],"attacks,":[29,119,164],"utilizing":[30],"learned":[31],"features":[32],"from":[33,147],"other":[34],"known":[35,213],"attacks.":[36],"In":[37],"this":[38],"paper,":[39],"we":[40,129],"propose":[41],"a":[42,55,106,218],"Deep":[43],"Reinforcement":[44],"Learning":[45],"(DRL)-based":[46],"NIDS":[47,100],"designed":[48],"for":[49,207],"detection.":[52],"We":[53,68,89,172,195],"use":[54,90],"stacked":[56],"LSTM":[57],"architecture":[58],"extend":[60],"learning":[62],"capabilities":[63],"of":[64,77,92,109,191],"DRL":[66,193],"agent.":[67,194],"apply":[69],"several":[70],"oversampling":[71],"techniques":[72],"handle":[74],"issue":[76],"class":[78],"imbalance":[79],"since":[80],"zero-day":[82,163,219],"datasets":[84,98,206],"are":[85,167],"not":[86],"as":[87,113,165],"abundant.":[88],"some":[91],"most":[94],"widely":[95],"available":[96],"benchmark":[97],"domain,":[101],"which":[102,175],"all":[103],"together":[104],"cover":[105],"wide":[107],"range":[108],"types,":[111],"such":[112],"reconnaissance,":[114],"ddoS,":[115],"infiltration,":[116],"injection,":[117],"password":[118],"brute":[120],"force,":[121],"dos,":[122],"backdoor,":[123],"and":[124,134,145,186,214],"benign":[125,135],"traffic.":[126],"For":[127],"example,":[128],"converted":[130],"attacks":[131,216],"1":[133],"traffic":[136],"0,":[138],"then":[139,196],"excluded":[140],"certain":[141],"categories":[143],"(DoS":[144],"Backdoor)":[146],"training":[149],"dataset":[150],"while":[151],"keeping":[152],"them":[153],"test":[156],"dataset.":[157],"This":[158],"makes":[159],"types":[162],"they":[166],"entirely":[168],"training.":[171],"also":[173],"compare":[174],"data":[176],"balancing":[177],"technique":[178],"works":[179],"better":[180],"among":[181],"K-means":[182],"SMOTE,":[183,184],"Borderline-SMOTE":[185],"ADASYN":[187],"performance":[190],"our":[192,200],"demonstrate":[197],"how":[198],"powerful":[199],"agent":[201],"is":[202],"by":[203],"validating":[204],"many":[205],"remarkable":[208],"success":[209],"detecting":[211],"both":[212],"unknown":[215],"manner.":[220]},"counts_by_year":[{"year":2026,"cited_by_count":8},{"year":2025,"cited_by_count":6}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}