HAEnRF: A Hybrid Deep Autoencoderensemble Framework For Cloud-Agnostic Intrusion Detection
DOI:
https://doi.org/10.70917/ijcisim-2026-2145Keywords:
Network Security, Autoencoder, Random Forest, Anomaly Detection, CICIDS2017, Cloud ComputingAbstract
Cloud computing environments present a huge amount of diverse network traffic. This poses a major hurdle in identifying malicious activities using traditional signature-based intrusion detection systems. To tackle this problem, the paper introduces HAEnRF, a hybrid intrusion detection system that integrates multiple autoencoder-based feature learning methods with a supervised Random Forest classifier for detecting flow-level cyberattacks in cloud environments.The proposed system is built and tested with the CICIDS2017 dataset, and a well-defined data preprocessing workflow is set up to ensure numerical stability, balanced class distribution, and consistency during the whole learning process. To capture different traffic characteristics, three types of autoencoder architectures are used: a dense autoencoder, a denoising autoencoder, and a 1D convolutional autoencoder. These models not only capture compact latent feature representations but also output reconstruction errors that can serve as indicators of traffic pattern changes.The latent features and reconstruction errors derived from the autoencoders are merged at the feature level to create a richer feature space. This combined representation is then fed to a Random Forest classifier that has been set up with a balanced class weighting scheme to enhance classification accuracy across various types of attacks. By combining unsupervised representation learning with supervised classification based on ensemble methods, the proposed HAEnRF framework seeks to deliver a more effective and flexible solution for intrusion detection in ever-changing cloud environments.The design of the architecture is both cloud-agnostic and attack-agnostic. This means that the framework can be retrained on other flow-based datasets without making any changes to the main model structure. The present work is mainly concerned with the methodological/architectural design, and conceptualization of the HAEnRF framework. A feasibility-level preliminary evaluation is performed using the CICIDS2017 dataset to prove that the approach is viable. Considering broader benchmarking and cross-dataset validation, these are regarded as future research directions.
