A Hybrid Intrusion Detection Model Using LSTMAE and ‎LightGBM for Robust Anomaly Detection in Network Systems

  • Authors

    • Gayatri Ketepalli Department of Computer Science and Engineering, Vignan's Foundation for Science, Technology & Research, ‎ Guntur, Andhra Pradesh, 522213, India
    • srikanth yadav . M Department of Information Technology, Vignan's Foundation for Science, Technology & Research, ‎Guntur, Andhra Pradesh, 522213, India
    • K. N. S. Lakshmi Department of CSE, Chaitanya Engineering College, Affiliated to JNTU-GV, Vizianagaram ‎, Chaitanya Valley, Kommadi, Madhurawada, Visakhapatnam -530048, India
    • Saranya Eeday Lakeview Loan Servicing, Address- 4425 Ponce de Leon BLVD, 4th floor, Coral Gables, Florida 33146
    • Bharthavarapu Nirosha Department of CSE, Lakireddy Bali Reddy College of Engineering, Mylavaram, Andhra Pradesh 521230, India
    • Ragam Padmaja Department of Information Technology, Vignan's Foundation for Science, Technology & Research, ‎Guntur, Andhra Pradesh, 522213, India
    https://doi.org/10.14419/1gb94217

    Received date: August 8, 2025

    Accepted date: September 19, 2025

    Published date: September 29, 2025

  • Intrusion Detection System (IDS); Network Anomaly Detection; LSTM Autoencoder (LSTMAE); LightGBM Classifier; Feature Extraction

  • Abstract

    Traditional intrusion detection systems often face challenges such as low accuracy and high false positive rates, particularly when detecting ‎complex and evolving cyber threats. To address these limitations, a hybrid intrusion detection model is developed by integrating Long ‎Short-Term Memory Autoencoder (LSTMAE) with Light Gradient Boosting Machine (LightGBM). The LSTMAE component captures ‎temporal dependencies in network traffic, enabling effective feature extraction, while LightGBM performs efficient classification of the ex‎extracted features. The model is evaluated on benchmark datasets including NSL-KDD, UNSW-NB15, and CICIDS2017, following comprehensive preprocessing to ensure data consistency. Experimental results demonstrate that the hybrid model significantly outperforms ‎standalone classifiers and conventional methods, achieving improved detection accuracy and reduced false positive rates. These findings ‎highlight the model’s effectiveness in differentiating between normal and malicious traffic, offering a scalable and efficient solution for real-‎time intrusion detection, and laying the groundwork for future ensemble-based security frameworks‎.

  • References

    1. J. Seok, A. Kareem, & J. Hur, "Lstm-autoencoder for vibration anomaly detection in vertical carousel storage and retrieval system (vcsrs)", Sensors, vol. 23, no. 2, p. 1009, 2023. https://doi.org/10.3390/s23021009.
    2. L. Shi, Y. Ma, Y. Lu, & L. Chen, "The application of computer intelligence in the cyber-physical business system integration in network security", Computational Intelligence and Neuroscience, vol. 2022, p. 1-10, 2022. https://doi.org/10.1155/2022/5490779.
    3. Y. Wang, J. Jang-Jaccard, X. Wen, F. Sabrina, S. Camtepe, & M. Boulic, "Lstm-autoencoder based anomaly detection for indoor air quality time series data", 2022.
    4. P. Vijayan, "An automated system of intrusion detection by iot-aided mqtt using improved heuristic-aided autoencoder and lstm-based deep belief network", Plos One, vol. 18, no. 10, p. e0291872, 2023. https://doi.org/10.1371/journal.pone.0291872.
    5. A. Amellal, "Improving lead time forecasting and anomaly detection for automotive spare parts with a combined cnn-lstm approach", Operations and Supply Chain Management an International Journal, p. 265-278, 2023. https://doi.org/10.31387/oscm0530388.
    6. V. Gupta and E. Kumar, "H3o-lgbm: hybrid harris hawk optimization based light gradient boosting machine model for real-time trading", Artificial Intelligence Review, vol. 56, no. 8, p. 8697-8720, 2023. https://doi.org/10.1007/s10462-022-10323-0 .
    7. M. Kholiq, W. Wiranto, & S. Sihwi, "News classification using light gradient boosted machine algorithm", Indonesian Journal of Electrical Engi-neering and Computer Science, vol. 27, no. 1, p. 206, 2022. https://doi.org/10.11591/ijeecs.v27.i1.pp206-213.
    8. G. Ye, Y. Li, & Y. Xu, "Study on the application of lstm-lightgbm model in stock rise and fall prediction", Matec Web of Conferences, vol. 336, p. 05011, 2021. https://doi.org/10.1051/matecconf/202133605011.
    9. X. Wang, N. Xu, X. Meng, & H. Chang, "Prediction of gas concentration based on lstm-lightgbm variable weight combination model", Energies, vol. 15, no. 3, p. 827, 2022. https://doi.org/10.3390/en15030827.
    10. Y. Zhou, L. Qi, & D. Xiao, "Application of lstm-lightgbm nonlinear combined model to power load forecasting", Journal of Physics Conference Series, vol. 2294, no. 1, p. 012035, 2022. https://doi.org/10.1088/1742-6596/2294/1/012035.
    11. A. Zafar, "Enhancing power generation forecasting in smart grids using hybrid autoencoder long short-term memory machine learning model", Ieee Access, vol. 11, p. 118521-118537, 2023. https://doi.org/10.1109/ACCESS.2023.3326415.
    12. P. Park, P. Marco, H. Shin, & J. Bang, "Fault detection and diagnosis using combined autoencoder and long short-term memory network", Sensors, vol. 19, no. 21, p. 4612, 2019. https://doi.org/10.3390/s19214612 .
    13. P. Mobtahej, X. Zhang, M. Hamidi, & J. Zhang, "An lstm-autoencoder architecture for anomaly detection applied on compressors audio data", Computational and Mathematical Methods, vol. 2022, p. 1-22, 2022. https://doi.org/10.1155/2022/3622426.
    14. Z. Ahmad, A. Khan, C. Shiang, J. Abdullah, & F. Ahmad, "Network intrusion detection system: a systematic study of machine learning and deep learning approaches", Transactions on Emerging Telecommunications Technologies, vol. 32, no. 1, 2020. https://doi.org/10.1002/ett.4150.
    15. S. Parhizkari, "Anomaly detection in intrusion detection systems", 2024. https://doi.org/10.5772/intechopen.112733.
    16. S. Naseer and Y. Saleem, "Enhanced network intrusion detection using deep convolutional neural networks", Ksii Transactions on Internet and In-formation Systems, vol. 12, no. 10, 2018. https://doi.org/10.3837/tiis.2018.10.028.
    17. R. Harwahyu, "Three layer hybrid learning to improve intrusion detection system performance", International Journal of Electrical and Computer Engineering (Ijece), vol. 14, no. 2, p. 1691, 2024. https://doi.org/10.11591/ijece.v14i2.pp1691-1699.
    18. A. Ali, S. Shaukat, M. Tayyab, M. Khan, J. Khan, A. Aliet al., "Network intrusion detection leveraging machine learning and feature selection", p. 49-53, 2020. https://doi.org/10.1109/HONET50430.2020.9322813 .
    19. D. Shu, N. Leslie, C. Kamhoua, & C. Tucker, "Generative adversarial attacks against intrusion detection systems using active learning", 2020. https://doi.org/10.1145/3395352.3402618
    20. N. Berbiche, "Enhancing anomaly-based intrusion detection systems: a hybrid approach integrating feature selection and bayesian hyperparameter optimization", Ingénierie Des Systèmes D Information, vol. 28, no. 5, 2023. https://doi.org/10.18280/isi.280506.
    21. Y. Lai, D. Sudyana, Y. Lin, M. Verkerken, L. D’hooge, T. Wauterset al., "Machine learning based intrusion detection as a service", 2021. https://doi.org/10.1145/3492323.3495613.
    22. A. Khraisat, I. Gondal, P. Vamplew, & J. Kamruzzaman, "Survey of intrusion detection systems: techniques, datasets and challenges", Cybersecuri-ty, vol. 2, no. 1, 2019. https://doi.org/10.1186/s42400-019-0038-7.
    23. S. Sarvari, N. Sani, Z. Hanapi, & M. Abdullah, "An efficient anomaly intrusion detection method with feature selection and evolutionary neural network", Ieee Access, vol. 8, p. 70651-70663, 2020. https://doi.org/10.1109/ACCESS.2020.2986217.
    24. E. Li, "Incremental learning of lstm-autoencoder anomaly detection in three-axis cnc machines", 2023. https://doi.org/10.21203/rs.3.rs-3388986/v1.
    25. Z. Khan, "Network intrusion detection utilizing autoencoder neural networks", cana, vol. 31, no. 3s, p. 336-354, 2024. https://doi.org/10.52783/cana.v31.777.
    26. L. Shi, Y. Ma, Y. Lu, & L. Chen, "The application of computer intelligence in the cyber-physical business system integration in network security", Computational Intelligence and Neuroscience, vol. 2022, p. 1-10, 2022. https://doi.org/10.1155/2022/5490779.
    27. J. Seok, A. Kareem, & J. Hur, "Lstm-autoencoder for vibration anomaly detection in vertical carousel storage and retrieval system (vcsrs)", Sensors, vol. 23, no. 2, p. 1009, 2023. https://doi.org/10.3390/s23021009.
    28. F. Esmaeili, E. Cassie, H. Nguyen, N. Plank, C. Unsworth, & A. Wang, "Anomaly detection for sensor signals utilizing deep learning autoencoder-based neural networks", Bioengineering, vol. 10, no. 4, p. 405, 2023. https://doi.org/10.3390/bioengineering10040405.
    29. E. Khan, "Network intrusion detection using autoencode neural network", International Journal on Recent and Innovation Trends in Computing and Communication, vol. 11, no. 10, p. 1678-1688, 2023. https://doi.org/10.17762/ijritcc.v11i10.8739.
    30. H. Nguyen, K. Tran, S. Thomassey, & M. Hamad, "Forecasting and anomaly detection approaches using lstm and lstm autoencoder techniques with the applications in supply chain management", International Journal of Information Management, vol. 57, p. 102282, 2021. https://doi.org/10.1016/j.ijinfomgt.2020.102282 .
    31. M. Park, S. Chakraborty, Q. Vuong, D. Noh, J. Lee, J. Leeet al., "Anomaly detection based on time series data of hydraulic accumulator", Sensors, vol. 22, no. 23, p. 9428, 2022. https://doi.org/10.3390/s22239428.
    32. Y. Fu, Y. Du, Z. Cao, Q. Li, & X. Wang, "A deep learning model for network intrusion detection with imbalanced data", Electronics, vol. 11, no. 6, p. 898, 2022. https://doi.org/10.3390/electronics11060898.
    33. Z. Cheng, S. Wang, P. Zhang, S. Wang, X. Liu, & E. Zhu, "Improved autoencoder for unsupervised anomaly detection", International Journal of Intelligent Systems, vol. 36, no. 12, p. 7103-7125, 2021. https://doi.org/10.1002/int.22582.
    34. H. Arab, I. Ghaffari, R. Evina, S. Tatu, & S. Dufour, "A hybrid lstm-resnet deep neural network for noise reduction and classification of v-band receiver signals", Ieee Access, vol. 10, p. 14797-14806, 2022. https://doi.org/10.1109/ACCESS.2022.3147980.
    35. P. Park, P. Marco, H. Shin, & J. Bang, "Fault detection and diagnosis using combined autoencoder and long short-term memory network", Sensors, vol. 19, no. 21, p. 4612, 2019. https://doi.org/10.3390/s19214612.
    36. L. Wu and L. Ji, "Anomaly detection based on temporal convolution autoencoders", Journal of Physics Conference Series, vol. 2366, no. 1, p. 012041, 2022. https://doi.org/10.1088/1742-6596/2366/1/012041.
    37. Y. Meidan, M. Bohadana, Y. Mathov, Y. Mirsky, A. Shabtai, D. Breitenbacheret al., "N-baiot—network-based detection of iot botnet attacks us-ing deep autoencoders", Ieee Pervasive Computing, vol. 17, no. 3, p. 12-22, 2018. https://doi.org/10.1109/MPRV.2018.03367731.
    38. C. Tang, N. Luktarhan, & Y. Zhao, "An efficient intrusion detection method based on lightgbm and autoencoder", Symmetry, vol. 12, no. 9, p. 1458, 2020. https://doi.org/10.3390/sym12091458.
    39. A. Mirza and S. Coşan, "Computer network intrusion detection using sequential lstm neural networks autoencoders", p. 1-4, 2018. https://doi.org/10.1109/SIU.2018.8404689.
    40. M. Moukhafi, "Intelligent intrusion detection through deep autoencoder and stacked long short-term memory", International Journal of Electrical and Computer Engineering (Ijece), vol. 14, no. 3, p. 2908, 2024. https://doi.org/10.11591/ijece.v14i3.pp2908-2917.
    41. A. Singh and J. Jang-Jaccard, "Autoencoder-based unsupervised intrusion detection using multi-scale convolutional recurrent networks", 2022.
    42. O. Adeniyi, "Securing mobile edge computing using hybrid deep learning method", Computers, vol. 13, no. 1, p. 25, 2024. https://doi.org/10.3390/computers13010025.
    43. T. Vaiyapuri, "Deep self-taught learning framework for intrusion detection in cloud computing environment", Iaes International Journal of Artificial Intelligence (Ij-Ai), vol. 13, no. 1, p. 747, 2024. https://doi.org/10.11591/ijai.v13.i1.pp747-755.
    44. S. Wu, Q. Huang, & L. Zhao, "De-noising of transient electromagnetic data based on the long short-term memory-autoencoder", Geophysical Jour-nal International, vol. 224, no. 1, p. 669-681, 2020. https://doi.org/10.1093/gji/ggaa424.
    45. M. Tawfik, "Optimized intrusion detection in iot and fog computing using ensemble learning and advanced feature selection", Plos One, vol. 19, no. 8, p. e0304082, 2024. https://doi.org/10.1371/journal.pone.0304082.
    46. J. Kang, C. Kim, J. Kang, & J. Gwak, "Anomaly detection of the brake operating unit on metro vehicles using a one-class lstm autoencoder", Ap-plied Sciences, vol. 11, no. 19, p. 9290, 2021. https://doi.org/10.3390/app11199290.
    47. T. Kim, "An anomaly detection method based on multiple lstm-autoencoder models for in-vehicle network", Electronics, vol. 12, no. 17, p. 3543, 2023. https://doi.org/10.3390/electronics12173543.
    48. Y. Chen and C. Zhao, "Application of deep learning model in computer data mining intrusion detection", Applied Mathematics and Nonlinear Sci-ences, vol. 8, no. 2, p. 2131-2140, 2023. https://doi.org/10.2478/amns.2023.1.00318.
    49. A. Halbouni, T. Gunawan, M. Habaebi, M. Halbouni, M. Kartiwi, & R. Ahmad, "Machine learning and deep learning approaches for cybersecurity: a review", Ieee Access, vol. 10, p. 19572-19585, 2022. https://doi.org/10.1109/ACCESS.2022.3151248.
    50. E. Ramadanti, "Diabetes disease detection classification using light gradient boosting (lightgbm) with hyperparameter tuning", Sinkron, vol. 8, no. 2, p. 956-963, 2024. https://doi.org/10.33395/sinkron.v8i2.13530.
    51. M. Onoja, A. Jegede, N. Blamah, A. Olawale, & T. Omotehinwa, "Eemds: efficient and effective malware detection system with hybrid model based on xceptioncnn and lightgbm algorithm", Journal of Computing and Social Informatics, vol. 1, no. 2, p. 42-57, 2022. https://doi.org/10.33736/jcsi.4739.2022.
    52. M. Ferrag, Λ. Μαγλαράς, S. Moschoyiannis, & H. Janicke, "Deep learning for cyber security intrusion detection: approaches, datasets, and compara-tive study", Journal of Information Security and Applications, vol. 50, p. 102419, 2020. https://doi.org/10.1016/j.jisa.2019.102419.
    53. D. T and M. Saravanan, "An intellectual detection system for intrusions based on collaborative machine learning", International Journal of Ad-vanced Computer Science and Applications, vol. 11, no. 2, 2020. https://doi.org/10.14569/IJACSA.2020.0110257.
    54. Eeday, S., S. Goteti, and S. P. Anne. "Experimental Investigation of Thermal Properties of Borassus Flabellifer Reinforced Composites and Effect of Addition of Fly Ash." International Journal of Engineering Trends and Technology 15.8 (2014): 379-382
    55. Susarla, Manoj, S. Harshavardhan, and Saranya Eeday. "Structural Analysis of the Drag Strut and Dynamic analysis of Aircraft Landing Gear." 1-8.
    56. Kosuri, S., & Eeday, S. (2024). Advancing Cybersecurity with Deep Learning: Innovative Approaches and Real-Time Applications. International Journal of Advanced Trends in Engineering and Management (IJATEM), 3(8), 52–62. ISSN (Online): 2583-7052. https://doi.org/10.59544/TBFO5911/IJATEMV03I08P5.
    57. S. Kosuri and S. Eeday, "Deep Learning for Network Intrusion Detection: A Study Using Convolutional Neural Networks," International Journal of Research in Electronics and Computer Engineering, vol. 12, no. 4, p. 10, 2024.
    58. Eeday and S. Kosuri, "Adaptive Network Intrusion Detection Using Asymmetric Deep Autoencoders with Benchmarking on Latest Cybersecurity Datasets," International Journal of Research in Electronics and Computer Engineering, vol. 12, no. 2, pp. 42–45, 2024.
    59. S. Eeday and S. Kosuri, "A Hybrid Federated Tree-Based Intrusion Detection System for Securing Autonomous Vehicles and V2X Networks Us-ing Adaptive Boosting and Blockchain," International Journal of Research in Electronics and Computer Engineering, vol. 11, no. 4, pp. 38–41, 2023.
    60. Moraboena, S., Ketepalli, G., Ragam, P. (2020). A deep learning approach to network intrusion detection using deep autoencoder. Revue d'Intelli-gence Artificielle, Vol. 34, No. 4, pp. 457-463. https://doi.org/10.18280/ria.340410.
    61. M. Srikanth Yadav. and R. Kalpana., "Data Preprocessing for Intrusion Detection System Using Encoding and Normalization Approaches," 2019 11th International Conference on Advanced Computing (ICoAC), Chennai, India, 2019, pp. 265-269, https://doi.org/10.1109/ICoAC48765.2019.246851.
    62. M., Srikanth Yadav, and Kalpana R. "A Survey on Network Intrusion Detection Using Deep Generative Networks for Cyber-Physical Systems." Artificial Intelligence Paradigms for Smart Cyber-Physical Systems, edited by Ashish Kumar Luhach and Atilla Elçi, IGI Global, 2021, pp. 137-159. https://doi.org/10.4018/978-1-7998-5101-1.ch007.
    63. Srikanth yadav M., R. Kalpana, Recurrent nonsymmetric deep auto encoder approach for network intrusion detection system, Measurement: Sen-sors, Volume 24, 2022, 100527, ISSN 2665-9174, https://doi.org/10.1016/j.measen.2022.100527.
    64. Srikanth Yadav, M., Kalpana, R. (2022). Effective Dimensionality Reduction Techniques for Network Intrusion Detection System Based on Deep Learning. In: Jacob, I.J., Kolandapalayam Shanmugam, S., Bestak, R. (eds) Data Intelligence and Cognitive Informatics. Algorithms for Intelligent Systems. Springer, Singapore. https://doi.org/10.1007/978-981-16-6460-1_39.
    65. Gayatri, K., Premamayudu, B., Yadav, M.S. (2021). A Two-Level Hybrid Intrusion Detection Learning Method. In: Bhattacharyya, D., Thirupathi Rao, N. (eds) Machine Intelligence and Soft Computing. Advances in Intelligent Systems and Computing, vol 1280. Springer, Singapore. https://doi.org/10.1007/978-981-15-9516-5_21.
    66. Yadav, M. Srikanth, K. Sushma, and K. Gayatri. "Enhanced Network Intrusion Detection Using LSTM RNN." International Journal of Advanced Science and Technology 29.5 (2020): 7210-7220.
    67. Patil, A., and S. Yada. "Performance analysis of anomaly detection of KDD cup dataset in R environment." Int. J. Appl. Eng. Res. 13.6 (2018): 4576-4582.
    68. Saheb, M.C.P., Yadav, M.S., Babu, S., Pujari, J.J., Maddala, J.B. (2023). A Review of DDoS Evaluation Dataset: CICDDoS2019 Dataset. In: Szymanski, J.R., Chanda, C.K., Mondal, P.K., Khan, K.A. (eds) Energy Systems, Drives and Automations. ESDA 2021. Lecture Notes in Electri-cal Engineering, vol 1057. Springer, Singapore. https://doi.org/10.1007/978-981-99-3691-5_34.
    69. Patil, A., and M. Srikanth Yadav. "Performance analysis of misuse attack data using data mining classifiers." International Journal of Engineering & Technology 7.4 (2018): 261-263. https://doi.org/10.14419/ijet.v7i4.36.23782.
    70. R. Padmaja and P. R. Challagundla, "Exploring A Two-Phase Deep Learning Framework for Network Intrusion Detection," 2024 IEEE Interna-tional Students' Conference on Electrical, Electronics and Computer Science (SCEECS), Bhopal, India, 2024, pp. 1-5, https://doi.org/10.1109/SCEECS61402.2024.10482198.
    71. Bhuyan, H.K., Ravi, V. & Yadav, M.S. multi-objective optimization-based privacy in data mining. Cluster Comput 25, 4275–4287 (2022). https://doi.org/10.1007/s10586-022-03667-3.

  • Downloads

  • How to Cite

    Ketepalli, G. ., M, srikanth yadav ., Lakshmi, K. N. S. ., Eeday, S. ., Nirosha, B. . ., & Padmaja , R. . (2025). A Hybrid Intrusion Detection Model Using LSTMAE and ‎LightGBM for Robust Anomaly Detection in Network Systems. International Journal of Basic and Applied Sciences, 14(5), 912-922. https://doi.org/10.14419/1gb94217