MIDS-GAN: Minority Intrusion Data Synthesizer GAN—An ACON Activated Conditional GAN for Minority Intrusion Detection

Abstract

Intrusion Detection Systems (IDS) are vital to cybersecurity but suffer from severe class imbalance in benchmark datasets such as NSL-KDD and UNSW-NB15. Conventional oversampling methods (e.g., SMOTE, ADASYN) are efficient yet fail to preserve the latent semantics of rare attack behaviors. This study introduces the Minority-class Intrusion Detection Synthesizer GAN (MIDS-GAN), a divergence-minimization framework for minority data augmentation under structured feature constraints. MIDS-GAN integrates (i) correlation-based structured feature selection (SFS) to reduce redundancy, (ii) trainable ACON activations to enhance generator expressiveness, and (iii) KL-divergence-guided alignment to ensure distributional fidelity. Experiments on NSL-KDD and UNSW-NB15 demonstrate significant improvement on detection, with recall increasing from 2% to 27% for R2L and 1% to 17% for U2R in NSL-KDD, and from 18% to 44% for Worms and 69% to 75% for Shellcode in UNSW-NB15. Weighted F1-scores also improved to 78%, highlighting MIDS-GAN’s effectiveness in enhancing minority-class detection through a principled, divergence-aware approach.

1. Introduction

Modern digital infrastructures, including cloud-native services, enterprise IoT, and 5G or edge environments, are becoming increasingly connected and complex, which in turn raises the risk of security breaches and cyberattacks. Network Intrusion Detection Systems (IDSs) are vital for cybersecurity, but their effectiveness depends on training data that capture both common and rare attack behaviors [1]. Widely used benchmarks such as NSL-KDD, UNSW-NB15, and CICIDS suffer from severe class imbalance, causing models to focus on frequent attacks while overlooking rare yet important intrusions, which remains a major limitation in IDS performance [2].

A range of studies have examined datasets and methodologies to address these challenges. Early studies emphasized the need for reliable datasets, whereas subsequent ones identified their persistent imbalance and outdated nature. Recent reviews highlight the potential of Generative Adversarial Networks (GANs) to mitigate class imbalance; however, broader analyses continue to report enduring issues of dataset bias, limited generalizations, and uneven attack representation [3,4,5].

GANs offer a distribution-learning alternative to traditional oversampling by modelling minority-class manifolds through adversarial training to generate more diverse and realistic synthetic data. Variants such as Conditional GAN (CGAN), Wasserstein GAN with Gradient Penalty (WGAN-GP), and imbalance-aware GANs have shown significant improvements in recall and F1-scores for minority classes [6]. Specifically, CGAN employs label conditioning to guide data synthesis, while Auxiliary Classifier Generative Adversarial Network (ACGAN) applies a secondary classifier to enhance class consistency, ensuring that generated samples remain realistic and accurate—crucial for maintaining IDS reliability.

Activation functions critically influence IDS performance by defining decision boundaries. Although Rectified Linear Unit (ReLU) remains dominant, its rigid thresholding and “dying neuron” issues hinder the modelling of sparse or irregular minority regions [7]. Recent studies show that trainable activation enhances representational capacity and gradient stability. Accordingly, the Adaptive Concatenated Activation (ACON) [8] is adopted—a learnable function that dynamically interpolates between linear and nonlinear behaviors via gating. ACON mitigates gradient vanishing and enhances feature expressiveness, enabling both discriminator and generator to better capture ultra-minority classes.

To address the gap in achieving class-conditional generation with consistent labelling and stable distributional alignment in IDS data synthesis, this study proposes the Minority Intrusion Detection Synthesizer GAN (MIDS-GAN), which integrates an ACGAN backbone, the adaptive ACON activation function, and KL-divergence–guided training. The functions of these core components are as follows:

• Class-conditional generation with ACGAN to produce label-consistent minority samples.
• Trainable activation (ACON) to adaptively model complex, imbalanced intrusion manifolds.
• Structured feature selection with KL-divergence alignment to preserve distributional fidelity and mitigate mode dropping.

Unlike traditional oversampling, MIDS-GAN generates synthetic traffic that is both statistically consistent and semantically aligned with real intrusions. Results presented in Section 4 demonstrate significant improvements in recall and F1-scores for minority classes while maintaining distributional integrity. By integrating cybersecurity, generative modelling, and imbalance-aware learning, MIDS-GAN offers a principled framework for more effective and interpretable IDS development, enhancing the detection of minority intrusions.

This paper comprises six sections. Section 2 reviews related work and datasets, identifying the critical research gap that motivates this study. Section 3 details the proposed MIDS-GAN methodology, while Section 4 describes the experimental design and evaluation settings. Section 5 and Section 6 present the discussion and conclusion, respectively.

2. Related Work

2.1. Oversampling Techniques

Classical oversampling is a common approach to addressing class imbalance. Methods such as the Synthetic Minority Oversampling Techniques (SMOTE) [9], ADASYN [10], and their hybrids (e.g., SMOTE-ENN [11] and Borderline-SMOTE [12]) are widely used in IDS research for their computational efficiency. These geometry-based techniques generate synthetic minority samples by interpolating between nearest neighbors but suffer from redundancy, oversmoothing, class overlap, and overfitting risks [13]. Adaptive variants, such as the Adaptive SV-Borderline SMOTE-SVM proposed by Guo et al. [14], aim to refine decision boundaries, while regression-specific and quantum-inspired extensions broaden their applicability. Nonetheless, oversampling remains limited to feature-space heuristics and fails to capture the latent semantics of cyberattack behaviors, highlighting the need for distribution-learning approaches such as generative models.

2.2. Generative Adversarial Networks (GANs) for Intrusion Detection

GANs offer a distinct paradigm by learning the underlying data distribution through adversarial training between a generator and discriminator, rather than interpolating in feature space [15]. This makes them well-suited for synthesizing minority-class traffic that remains semantically consistent with real attacks. Early applications in IDS showed promising results. Yin et al. [16] applied recurrent neural networks (RNNs) to model sequential traffic, resulting in improved detection on benchmark datasets. Yang et al. [17] combined a Deep Convolutional GAN (DCGAN) with a Simple Recurrent Unit (SRU), demonstrating that adversarial and temporal modeling together enhance classification performance on KDD’99 and NSL-KDD. Accordingly, Shahriar et al. [18] proposed G-IDS, where a GAN synthesizes minority samples and jointly trains with real and synthetic data, yielding greater detection stability on NSL-KDD.

To address class imbalance, Dlamini and Fahim [19] proposed the Data Generative Model (DGM), a conditional GAN leveraging KL-divergence to enhance distributional fidelity. Their results on NSL-KDD and UNSW-NB15 showed that distribution-aware synthesis improve detection of ultra-minority classes compared with heuristic oversampling methods such as SMOTE and ADASYN. Later studies identified additional challenges in adversarial settings, noting that carefully crafted perturbations can evade conventional IDS, while adversarial training can improve robustness [20]. Based on these findings, our recent study [21] demonstrated that conditional variants, particularly CGAN and ACGAN outperform vanilla GANs in detecting minority classes on NSL-KDD. Accordingly, this present work integrates adaptive ACON activations and structured feature selection into an ACGAN backbone. The resulting MIDS-GAN framework extends DGM principle, explicitly enforcing label fidelity and distributional alignment to enhance synthesis and detection of ultra-minority intrusions in NSL-KDD and UNSW-NB15.

Recent architectures such as WGAN-GP [22], WGAN-DL-IDS [23], and the DRL-GAN hybrid model [24] have achieved notable improvements in detection accuracy on complex datasets like UNSW-NB15 and in IoT network environments. However, these models often result in high computational complexity and limited generalization across heterogeneous datasets. Their performance also depends heavily on activation functions, which influence gradient stability and representational capacity. Recent surveys indicate that trainable activations offer greater adaptability than fixed functions such as ReLU, which potentially improves the quality of synthetic intrusion samples.

More advanced conditional variants have been developed to address dataset imbalance. Conditional GANs (CGANs), first introduced by Mirza and Osindero [25], integrates class labels into both the generator and discriminator to guide minority-class synthesis, but do not explicitly enforce label fidelity. Odena et al. [26] extended this approach with the ACGAN, which adds an auxiliary classifier to the discriminator, introducing a dual objective: adversarial loss for realism and classification loss for label consistency.

In IDS applications, such dual objectives are crucial, as mislabeled synthetic intrusions can degrade detection performance more severely than class imbalance itself. Variants such as AE-CGAN and other distribution-alignment methods emphasize feature compression or KL-divergence minimization but often underutilize ACGAN’s classifier advantages. Recent studies on ACGAN-assisted IDS [27] confirm its effectiveness in improving minority-class detection. Yang et al. [28] further advanced this approach with SPE-ACGAN, which incorporates a Sample Partition and Enhancement (SPE) resampling strategy into the ACGAN framework, demonstrating superior performance on benchmark IDS datasets compared with conventional oversampling methods. This progression from CGAN to ACGAN and its recent extensions thus motivates the adoption of ACGAN backbone in this study, whose auxiliary classifier ensures label fidelity essential for synthesizing ultra-minority attack categories.

2.3. Summary and Motivation

GAN–based intrusion detection systems have shown strong potential for mitigating severe class imbalance. Prior studies [19,22,27] report measurable improvements in recall, F1-score, and overall detection accuracy on benchmark datasets such as NSL-KDD and UNSW-NB15. Collectively, these studies highlight three key insights.

(1)

Effectiveness of adversarial generation—GANs can synthesize minority-class traffic patterns that traditional oversampling fails to capture, thereby improving minority detection rates.

(2)

Technical challenges—Training instability, mode collapse, and the absence of strict label fidelity remain significant obstacles, especially for ultra-minority classes (e.g., R2L, U2R).

(3)

Limitations of conventional oversampling—Although computational efficient, methods such as SMOTE and ADASYN rely on geometric heuristics and cfail to preserve the behavioral semantics of cyberattacks.

Accordingly, this present study identifies a key research gap: the need for class-conditional generation with guaranteed label consistency and stable distributional alignment. ACGANs offer a foundation for label-faithful synthesis but require adaptive activation and explicit distribution matching to achieve optimal performance. To address these challenges, the proposed MIDS-GAN framework integrates (i) an ACGAN backbone for conditional generation, (ii) the adaptive ACON activation function to enhance representational flexibility, and (iii) KL-divergence–guided training to enforce distributional stability. This principled design directly addresses the limitations of prior IDS augmentation methods and provides a robust framework for improving minority intrusion detection.

3. Proposed Methodology

This section outlines the augmentation module, feature selection process, and overall architecture of the proposed MIDS-GAN.

3.1. Overview of the MIDS-GAN Augmentation Module (Train-Time Only)

The core augmentation module of MIDS-GAN integrates three mechanisms: (i) conditional generation via ACGAN for label-faithful synthesis, (ii) class-wise KL-divergence regularization for distributional alignment, and (iii) trainable ACON activation to enhance nonlinearity and stability in sparse minority regions. It functions exclusively during training (Figure 1a). Given minority samples $x\mid y$ and their labels $y$, the generator $G(z\mid y)$ (ACON) synthesizes class-conditional flows $\tilde{x}\mid y$ from random noise $z$. The discriminator $D$ jointly learns adversarial and auxiliary classification objectives through ${\mathcal{L}}_{adv}$ and ${\mathcal{L}}_{cls}$, while a class-wise divergence penalty (${\lambda }_{KL}{\mathcal{L}}_{KL})$ aligns real and generated feature distributions to enforce statistical fidelity, guiding the generator toward more faithful minority manifolds. The resulting synthetic data are combined with real samples to form an augmented training set, whereas testing always relies on real data only to prevent bias leakage.

Figure 1b shows the integration of the MIDS-GAN augmentation module within the IDS workflow, where data preprocessing and structured feature selection (SFS) precede the augmentation, followed by classifiers training.

The anomaly detection task is formulated as a multi-class supervised learning problem. Let $X\in R^{n\times d}$ denote the training dataset with $n$ samples and $d$ features, and $Y=\{y_1,y_2,\dots ,y_n\}$ denote the corresponding class labels. The objective is to learn a function $f:X\to Y$ that generalizes effectively to unseen data, with particular emphasis on underrepresented (minority) classes.

3.2. Feature-Driven Preprocessing

Before model development, the raw dataset undergoes a systematic preprocessing pipeline to ensure consistency, numerical compatibility, and scale normalization—which is crucial for neural network-based models like GANs. This process includes the following steps:

3.2.1. Encoding of Categorical Features

Network intrusion datasets contain both numerical and categorical variables, requiring categorical features to be transformed into numeric representations to ensure neural network compatibility. Early approaches to encoding categorical features relied on simple methods such as one-hot or ordinal, while more recent studies have adopted deep-learned embedding techniques [29]. However, naive encodings can distort joint distributions between categorical and continuous variables, thereby reducing generative fidelity which is a limitation frequently emphasized in tabular learning literature [30]. To overcome this, type-aware models such as Conditional Tabular GAN (CTGAN) [31] and CTAB-GAN+ [32] employ specialized encoders and mode-specific normalization to preserve categorical–continuous dependencies. This capability is crucial in IDS applications, where protocol types, service categories, and flag attributes must accurately interact with numerical traffic statistics.

3.2.2. Normalization and Scaling

For numerical features, a two-step normalization strategy is applied, beginning with unit-norm scaling followed by robust scaling based on the interquartile range (IQR). This approach mitigates the impact of outliers and heavy-tailed distributions common in intrusion detection datasets (e.g., burst traffic or skewed packet size). Recent generative modelling studies [32,33] further recommend mode-specific normalization to accommodate multimodal continuous attributes, providing a more expressive basis for synthesizing realistic intrusion traffic samples.

3.2.3. Constant Feature Removal

Features exhibiting extremely low variance (i.e., constant in more than 99.5% of samples) are removed, as they contribute little to learning and may increase overfitting or unnecessary parameter complexity. The resulting dataset from this preprocessing pipeline offers a cleaner and more numerically stable foundation for subsequent feature selection and model training.

3.3. Structured Feature Selection: Correlation-Based Filtering (SFS)

To further improve the quality of the input feature space, a structured feature selection step based on correlation analysis is applied. This process identifies and remove highly correlated features that may cause multicollinearity, redundancy, and overfitting—particularly problematic for deep generative models such as GANs.

For each dataset, a pairwise correlation matrix is computed among continuous features. The linear relationship between two features, X and Y, is quantified using the Pearson correlation coefficient [34], defined as

$${\rho }_{X,Y}={\displaystyle \frac{{\sum }_{i=1}^n\left(X_i-\overline{X}\right)\left(Y_i-\overline{Y}\right)}{\sqrt{{\sum }_{i=1}^n{\left(X_i-\overline{X}\right)}^2}\cdot \sqrt{{\sum }_{i=1}^n{\left(Y_i-\overline{Y}\right)}^2}}}$$

(1)

where

$X_{i }and Y_{i }$ represent the values of features $X \mathrm{and} Y$ for sample $i$.

$\overline{X} \mathrm{and} \overline{ Y}$ represent the means of $X \mathrm{and} Y$, respectively.

$n$ represents the number of data samples.

Features with $\mathit{Threshold}: \left|\rho \right|>\theta$ (where $\theta$ is a predefined threshold, e.g., 0.95) are considered highly correlated. Among these feature pairs, one is removed based on heuristic criteria such as higher mean absolute correlation with other features or lower relevance to minority classes.

In this study, a conservative upper bound of θ = 0.95 is adopted to ensure strong decorrelation and minimize multicollinearity among intrusion detection features. This option aligns with prior study, where Khan et al. [35] used a 95% correlation cutoff for redundancy removal in Smart City intrusion detection, and Sabilla et al. [36] identified r ≥ 0.95 as the optimal correlation threshold for feature reduction in correlation-based selection. Similar thresholds are also recommended in correlation-filtering studies to maintain sufficient feature independence in high-dimensional IDS datasets.

This approach is inspired by Correlation-Based Feature Selection (CFS) [37] and has been widely applied in domains such as text classification [38] and intrusion detection [39]. More recently, hybrid feature selection strategies combining correlation measures with wrapper-based refinement have been proposed for network intrusion detection, highlighting the continued relevance of correlation-aware methods in cybersecurity [40].

3.4. Conditional Generation via ACGAN with ACON Activation

To generate synthetic samples for specific intrusion classes, a conditional generative adversarial network (cGAN) is employed in the form of an ACGAN [26], integrated with ACON [8]. This configuration enables the generator to produce class-specific outputs, while the discriminator simultaneously evaluates sample authenticity and class label consistency. The internal architecture of the proposed model is illustrated in Figure 2, highlighting the interaction between the generator and the dual-headed discriminator as described below.

The generator receives a noise vector $z\sim \mathcal{N}\left(0,I\right)$ concatenated with a class label $c\in \mathcal{C}$, enabling the synthesis of class-conditioned samples. The generated output is expressed as

$$\tilde{x}=G\left(z,c\right)$$

(2)

The discriminator has a dual-head structure. Its outputs include ${\mathit{D}}_{\mathit{source}}\left(x\right)\in \left[\mathrm{0,1}\right]$, representing the probability that $x$ is real, and ${\mathit{D}}_{\mathit{class}}\left(x\right)\in R^{\left|C\right|}$, a softmax distribution over class labels. This architecture enables the model to learn both data realism and class consistency simultaneously.

The architectural design supports the dual-loss function in ACGAN: the source loss $\left(L_{\mathrm{source}}\right)$ promotes realism, while the class loss $\left(L_{\mathrm{class}}\right)$ ensures label-consistent in synthetic samples. By integrating ACON [8], both generator and discriminator benefit from trainable, adaptive activation dynamics that enhance gradient flow and representation power. The interaction between these objectives, combined with adaptive activations, is crucial for generating high-fidelity data for minority intrusion classes.

The generator mapping function is defined over latent and conditional spaces as follows:

$$z\in R^k,\hspace{1em}c\in \{1,\dots ,C\},\hspace{1em}G:R^k\times C\to R^d$$

(3)

The output of the generator is

$$G\left(z,c\right)=x\in R^d$$

(4)

The discriminator is modeled as a joint function that outputs both the real/fake authenticity score and the corresponding class prediction:

$$D\left(x\right)=\left(D_{\mathrm{source}}\left(x\right),\hspace{0.25em}{D}_{\mathrm{class}}\left(x\right)\right)$$

(5)

The class prediction is calculated using the softmax activation over |$\mathcal{C}$| classes:

$$D_{class,i}\left(x\right)={\displaystyle \frac{\mathit{exp}\left(w_i^{T}x\right)}{{\sum }_{j=1}^{\left|C\right|}\mathit{exp}\left(w_j^{T}x\right)}},\hspace{1em}i=1,\dots ,\left|C\right|$$

(6)

To assess training convergence, the problem is formulated as a divergence minimization task. Given the real distribution $P_r\left(x∣c\right)$ and the generator-induced distribution $P_g\left(x∣c;{\theta }_G\right)$, the class-conditional KL divergence [26,33,41] is evaluated under structured feature constraints $\mathcal{S}$, ensuring that generated samples remain statistically aligned with their real counterparts

$$\mathrm{K}\mathrm{L}\left({\mathrm{P}}_{\mathrm{r}}\left(.|\mathrm{c}\right) \parallel {\mathrm{P}}_{\mathrm{g}}\left(.|\mathrm{c}; {\mathsf{\theta }}_{\mathrm{G}}\right)\right) = {\mathrm{E}}_{\mathrm{x}~{\mathrm{P}}_{\mathrm{r}}\left(.|\mathrm{c}\right)}\left[\mathrm{l}\mathrm{o}\mathrm{g}\left({\mathrm{P}}_{\mathrm{r}}\left(\mathrm{x}|\mathrm{c}\right) / {\mathrm{P}}_{\mathrm{g}}\left(\mathrm{x}|\mathrm{c}; {\mathsf{\theta }}_{\mathrm{G}}\right)\right)\right]$$

(7)

Here, ${\mathsf{\theta }}_G$ denotes the generator parameters, and a lower KL value indicates that $P_g\left(x∣c;{\mathsf{\theta }}_G\right)$ more closely approximates $P_r\left(x∣c\right)$.

3.4.1. Full Loss Function Formulation

To ensure consistency, both the discriminator and generator losses are formulated in a minimization form using negative log-likelihood for the source and class terms, consistent with ACGAN framework [26].

Discriminator loss:

$$L_D = E_{\left(x,c\right)~p_{data}}\left[-log D_{source}\left(x\right) - {\mathsf{\lambda }}_{cls} log P\left(c|x\right)\right] + E_{\left(z,c\right)~p_{\left(z,c\right)}}\left[-log\left(1 - D_{source}\left(G\left(z,c\right)\right)\right)\right]$$

(8)

Generator loss:

$${\mathrm{L}}_{\mathrm{G}} = {\mathrm{E}}_{\left(\mathrm{z},\mathrm{c}\right)~{\mathrm{p}}_{\left(\mathrm{z},\mathrm{c}\right)}}\left[-\mathrm{l}\mathrm{o}\mathrm{g} {\mathrm{D}}_{\mathrm{s}}\mathrm{o}\mathrm{u}\mathrm{r}\mathrm{c}\mathrm{e}\left(\mathrm{G}\left(\mathrm{z},\mathrm{c}\right)\right) - {\mathsf{\lambda }}_{\mathrm{c}}\mathrm{l}\mathrm{s} \mathrm{l}\mathrm{o}\mathrm{g} \mathrm{P}\left(\mathrm{c}|\mathrm{G}\left(\mathrm{z},\mathrm{c}\right)\right)\right]$$

(9)

Note: In the original ACGAN, the class-loss term can be applied to real samples, fake samples, or both. In this study, the simplified and widely adopted formulation is used, where the class term is applied as shown above, ensuring full consistency with the minimization objective.

3.4.2. Trainable Activation: ACON

To enhance the representational capacity of both the generator and discriminator, traditional ReLU activations are replaced with the Adaptive Concatenated Activation (ACON) function, defined as

$$\mathit{ACON}\left(x\right)=\left(p_1-p_2\right)x\cdot \sigma \left[\beta \left(p_1-p_2\right)x\right]+p_{2}x$$

(10)

where

$\sigma \left(\cdot \right)$ $\mathrm{denotes} \mathrm{the} \mathrm{sigmoid} \mathrm{function}$.

$p_1 and p_2$ are learnable parameters controlling the linear bounds.

β is a learnable scaling factor regulating nonlinearity.

This activation enables dynamic gating, enabling flexible decision boundaries and improving performance in highly imbalanced intrusion-detection tasks.

Intrusion detection datasets are typically highly imbalanced and exhibit heterogeneous traffic patterns, ranging from near-linear background flows to bursty, heavy-tailed attack behaviors. To address this challenge, the learnable gating mechanism of ACON enables the channel-wise adaptation of nonlinearity, improving gradient flow in sparse regions and capturing subtle decision boundaries associated with rare attack classes.

Comparison with Traditional ReLU.

The fixed ReLU function, $ReLU\left(x\right)=max(0,x)$, discards all negative activations and can lead to “dying-neuron” issues in sparse minority regions. In contrast, the ACON activation introduces learnable parameters ($p_1,p_2,\beta$) that enables a smooth transition between linear and nonlinear responses. This adaptability preserves weak or negative signals that may represent subtle intrusion patterns. Empirically, replacing ReLU with ACON stabilizes gradient flow and enhances feature expressiveness, particularly for ultra-minority classes such as U2R and Worms. Therefore, ACON serves as a data-adaptive alternative that enhances both convergence and fidelity in the proposed MIDS-GAN framework.

GAN Training Dynamics.

The adversarial training process alternates between two steps:

• Discriminator Update: Minimize $L_{\mathrm{D}}$ using real data $x\sim p_{\mathrm{data}}$ and synthetic data $G\left(z,c\right)$
• Generator Update: Minimize $L_G$, focusing on fooling $D$ and generating label-consistent samples

3.4.3. Minimax Training Objective

Beyond the conventional min–max adversarial game, the proposed framework embeds this training process within a divergence minimization formulation, integrating adversarial loss with KL-guided alignment. This formulation ensures that the generator is optimized not only to deceive the discriminator but also to explicitly minimize distributional discrepancies under feature constraints.

$$mi{n}_{G}ma{x}_D{E}_{x\sim p_{d}ata}\left[logD\left(x\right)\right]+E_{z\sim p_z}\left[log\left(1-D\left(G\left(z\right)\right)\right)\right]$$

(11)

Optimization was performed using the Adam optimizer, a stochastic gradient–based method with tuned learning rates.

To further align with the theoretical foundation of conditional GANs, the explicit formulation of loss functions and KL-divergence used in during training is presented. The discriminator loss is defined as

$$L_D=E_{\left(x,c\right)\sim p_{\mathrm{dt}}}\left[\log D_{\mathrm{source}}\left(x\right)\right]+E_{\left(z,c\right)\sim p\left(z,c\right)}\left[\log \left(1-D_{\mathrm{source}}\left(G\left(z,c\right)\right)\right)\right]-{\lambda }_{\mathrm{cls}}\cdot L_{\mathrm{class}}$$

(12)

The generator loss becomes

$$L_G=E_{\left(z,c\right)\sim p\left(z,c\right)}\left[\log D_{\mathrm{source}}\left(G\left(z,c\right)\right)\right]+{\lambda }_{\mathrm{cls}}{E}_{\left(z,c\right)}\left[\log P\left(c∣G\left(z,c\right)\right)\right]$$

(13)

Distributional similarity between real and generated data is evaluated using KL-divergence (Equation (7)). Training is optimized via gradient backpropagation, with convergence monitored through class-conditional KL-divergence.

Explanation of Algorithm 1. 

Algorithm 1 outlines the adversarial training process of the proposed MIDS-GAN, which integrates conditional generation [25], auxiliary classification [26], and the adaptive ACON activation [8]. The process begins with the initialization of generator and discriminator parameters. For each epoch, real samples from the dataset and synthetic samples generated by $G(z,c)$ are alternately used to update the discriminator $D$, following the mini–max adversarial framework of Goodfellow et al. [15]. The generator is subsequently updated to minimize the adversarial loss while maintaining class-label consistency, consistent with the ACGAN principle [26]. The ACON activation [8] dynamically adapts neuron responses to stabilize gradient flow. Training iterations continue until the class-conditional KL divergence between real and synthetic data distributions converges, ensuring that the generated data are statistically aligned with the minority-class manifold.

Algorithm 1. Training mechanism of ACON-Activated ACGAN with SFS based on minibatch stochastic gradient descent.

Input: $k$ = 1 (number of $D$ steps), $\alpha$ = 2 × 10−4 (Adam),$n$∙ = 128 (minibatch size),

${\theta }_D$, ${\theta }_G$ (initialized), SFS-selected features.

Output: Trained generator $G$∙ (class-conditioned synthesis).

for number of training iterations do

for $k$ steps do

Sample minibatch ${{\{z}_i\}}_{i=1}^m~p_z\left(z\right)$

Sample minibatch $\{\left(x_i,c_i\right){\}}_{i=1}^m\sim p_{\mathrm{data}}\left(x,c\right)$

Compute source loss

${\mathcal{L}}_{\mathrm{source}}={\displaystyle \frac{1}{m}}{\displaystyle \sum _{i=1}^m}\left[\log D_{\mathrm{source}}\left(x_i\right)+\log \left(1-D_{\mathrm{source}}\left(G\left(z_i,c_i\right)\right)\right)\right]$

Compute class loss

${\mathcal{L}}_{\mathrm{class}}={\displaystyle \frac{1}{2m}}{\displaystyle \sum _{i=1}^m}\left[\log P\left(c_i∣x_i\right)+\log P\left(c_i∣G\left(z_i,c_i\right)\right)\right]$

Update D by minimizing

${\mathcal{L}}_{\mathcal{D}}=-{\mathcal{L}}_{\mathrm{source}}-{\mathsf{\lambda }}_{\mathrm{cls}}\cdot {\mathcal{L}}_{\mathrm{class}}$

end for

Resample $\{\left(z_i,c_i\right){\}}_{i=1}^m$

Update $G$∙ by minimizing

$L_G=-{\displaystyle \frac{1}{m}}{\displaystyle \sum _{i=1}^m}\log D_{\mathrm{source}}\left(G\left(z_i,c_i\right)\right)-{\lambda }_{\mathrm{cls}}{\displaystyle \frac{1}{m}}{\displaystyle \sum _{i=1}^m}\log P\left(c_i∣G\left(z_i,c_i\right)\right)$

end for

Note: Stop when the KL-divergence between real and synthetic feature distributions converges.

3.5. Rationale for Determining the Number of Synthetic Samples per Minority Class

Severe class imbalance is known to impair generalization in intrusion detection systems [5,42], while oversampling methods such as SMOTE and its variants often overlook redundancy and overfitting risks in pursuit of full balance [9,12]. Recent GAN-based IDS approaches (e.g., DGM, SPE-ACGAN) have recognized the challenge posed by ultra-minority classes [19,28]. Motivated by these findings, this propose a principled heuristic strategy for determining the number of synthetic samples per minority class, ensuring sufficient representation while avoiding excessive upsampling in rare categories.

In imbalanced intrusion detection datasets such as NSL-KDD and UNSW-NB15, minority classes are typically underrepresented, leading to poor generalization by classifiers. To address this, a principled and heuristic-guided method is adopted to determine the number of synthetic samples ${(T}_c$) generated for each minority class $\left(C\right)$. The objective is to maintain class representation diversity while avoiding redundancy and overfitting, particularly in extremely rare classes.

The procedure is structured into three main steps, described in the following Section 3.5.1, Section 3.5.2 and Section 3.5.3:

3.5.1. Computation of Minority-to-Majority Ratio

Initially, the raw ratio $R_c$ is computed, which quantifies the relative proportion of a minority class $C$ with respect to the majority class [13]:

$$R_c={\displaystyle \frac{N_c}{N_{\mathrm{major}}}}$$

(14)

where

$N_c$ is the number of original samples in class $C$.

$N_{major}$ is the number of samples in the majority class (typically “Normal”).

This ratio serves as a baseline metric to understand the degree of imbalance across classes.

3.5.2. Theoretical Target for Full Balance

Assuming perfect balance, each class should contain the same number of samples as the majority. The theoretical multiplier $M_c$ required to achieve full balance is computed as [42]:

$$M_c={\displaystyle \frac{1}{R_c}}={\displaystyle \frac{N_{\mathrm{major}}}{N_c}}$$

(15)

The corresponding target number of synthetic samples is

$$T_c^{\mathrm{ideal}}=M_c\times N_c=N_{\mathrm{major}}$$

(16)

However, fully replicating the majority count is often impractical for extremely small classes (e.g., U2R in NSL-KDD, Worms in UNSW-NB15), as it can lead to highly redundant risks generating synthetic data with limited diversity [12,14], thereby increasing the risk of overfitting and degrading downstream classifiers performance.

3.5.3. Adjusted Target with Heuristic Constraints

To determine a more practical target $T_c$, empirical upper bounds $N_{\mathrm{cap} }^{\left(c\right)}$ are introduced for each class based on domain knowledge. The final number of synthetic samples is then defined as

$$T_c=\mathrm{m}\mathrm{i}\mathrm{n}\left(M_c{N}_c,\hspace{0.17em}{N}_{\mathrm{cap}}^{\left(c\right)}\right)$$

(17)

where

$N_{\mathrm{cap} }^{\left(c\right)}$ is the empirically chosen cap per class.

This approach balances representational adequacy with the need to avoid excessive upsampling [12,14]. The selection of $N_{\mathrm{cap} }^{\left(c\right)}$ is guided by the following criteria:

• Class complexity: complex classes, such as Shellcode, require more diversity.
• Overfitting risk: extremely rare classes (e.g., U2R or Worms) are capped to prevent synthetic redundancy [19,28].
• Minimum threshold for classifier training: each class is ensured to have enough samples (typically >1000) to enable effective learning (

  Table 1. Heuristic-based strategy for minority class synthetic data generation on NSL-KDD.

  Class	Training Set ${\mathit{N}}_{\mathit{c}}$	Test Set	Raw Ratio $\frac{{\mathit{N}}_{\mathit{c}}}{{\mathit{N}}_{\mathrm{Normal}}}$	Required Multiplier ${\mathit{M}}_{\mathit{c}}$	Applied Multiplier $(\mathit{x} {\mathit{M}}_{\mathit{c}})$	Final Target ${\mathit{T}}_{\mathit{c}}$	Class Type
  Normal	67,342	9710	1.0000	1.0	-	0	Major
  DoS	45,927	7457	0.6819	1.5	-	0	Major
  Probe	11,656	2421	0.1731	5.8	0.43	5000	Minor
  R2L	995	2754	0.0148	67.7	3	3000	Minor
  U2R	52	200	0.0008	1294.7	38	2000	Rare

  and

  Table 2. Heuristic-based strategy for minority class synthetic data generation on UNSW-NB15.

  Class	Training Set ${\mathit{N}}_{\mathit{c}}$	Test Set	Raw Ratio $\frac{{\mathit{N}}_{\mathit{c}}}{{\mathit{N}}_{\mathrm{Normal}}}$	Required Multiplier ${\mathit{M}}_{\mathit{c}}$	Applied Multiplier $(\mathit{x} {\mathit{M}}_{\mathit{c}})$	Final Target ${\mathit{T}}_{\mathit{c}}$	Class Type
  Analysis	2000	667	0.0357	28.0	1.5	3000	Minor
  Backdoor	1746	583	0.0312	32.1	1.7	3000	Minor
  DoS	12,264	4089	0.2197	4.5	0.24	3000	Minor
  Exploits	33,393	11,132	0.5963	1.7	-	0	Major
  Fuzzers	18,184	6062	0.3240	3.1	0.27	5000	Minor
  Generic	40,000	18,871	0.7143	1.4	-	0	Major
  Normal	56,000	37,000	1.0000	1.0	-	0	Major
  Reconnaissance	10,491	3494	0.1873	5.3	0.48	5000	Minor
  Shellcode	1133	378	0.0202	49.4	2.6	3000	Minor
  Worms	130	44	0.0023	430.8	15.4	2000	Rare Avoid overfitting (×15 is sufficient)

  ).

3.6. Machine Learning Classifier

To evaluate the effectiveness of the synthetic data generated by the proposed framework, multiple machine learning classifiers were employed as downstream models for intrusion detection. This evaluation aims to determine whether the generated samples enhance the detection capability for minority attack classes, which are typically underrepresented in real-world network traffic datasets.

The evaluation procedure follows a consistent experimental protocol in which all classifiers were trained on both the original dataset and an augmented one combining real and GAN-generated samples. To ensure fair and unbiased comparisons, preprocessing steps include normalization, structured feature selection, and class-balanced sampling.

Model performance is evaluated using weighted F1-score, precision, and recall under k-fold cross-validation (k = 5) to enhance robustness and reduce variance from sampling bias. This experimental design enables a systematic assessment of whether the proposed generative model can improve minority-class detection across different classification algorithms.

Weighted F1-score was chosen as the primary evaluation metric because it accounts for class imbalance by weighing each class according to its sample proportion, thereby providing a fair representation of performance across both majority and minority attack categories. The 5-fold cross-validation (K = 5) setup ensures robust and computationally efficient evaluation, consistent with recent IDS studies [43,44]. Preliminary tests with higher K values produced similar results, confirming the stability and reliability of this configuration.

3.7. Computational Complexity (Concise)

Let $N$ denote the number of samples, $B$, the batch size; $d$, the feature dimension; $C$, the number of classes; and ${\mathcal{C}}_G,{\mathcal{C}}_D$ the FLOP cost of one forward pass of the generator and discriminator. With $k_D$ discriminator updates per generator step, one epoch scales as

$$\mathcal{O}\left({\displaystyle \frac{N}{B}}\left(\left(2k_D+1\right)\hspace{0.17em}{C}_D+2\hspace{0.17em}{C}_G\right)\right)$$

(18)

Dominated by MPL matrix multiplications:

$$\mathcal{O}\left(B{\sum }_{l=1}^L{n}_{l-1}{n}_l\right)$$

(19)

The proposed additions preserve the asymptotic order: KL-guided alignment introduces a linear-time term $\mathcal{O}\left(B\hspace{0.17em}d\right)-\mathcal{O}\left(B\hspace{0.17em}d\hspace{0.17em}C\right)$; ACON introduces a minor constant-factor overhead compared with ReLU; and feature constraints are element-wise $\mathcal{O}\left(B\hspace{0.17em}d\right)$. Generating $M$ synthetic samples incur a cost of $\mathcal{O}\left(M\hspace{0.17em}{C}_G\right)$, corresponding to a forward of $G$ only. During inference, the GAN is not used—only the downstream classifier is executed—thus keeping deployment cost unchanged.

4. Experimental and Results

This section presents the experimental setup, implementation environment, and obtained results of the proposed MIDS-GAN framework. It outlines the datasets, system configuration, and baseline methods, followed by performance evaluation using multiple classifiers. Results are analyzed using accuracy, weighted F1-score, precision, recall, KL divergence, and visualization techniques to demonstrate the effectiveness of MIDS-GAN in mitigating class imbalance and overlap in intrusion detection.

4.1. System and Tool Requirements

To ensure reproducibility and transparency, the implementation environment used for developing and evaluating the proposed MIDS-GAN framework is summarized. All experiments were conducted in Python 3.8 using TensorFlow-GPU as the deep learning backend and on a high-performance workstation. The software stack includes libraries for deep learning, machine learning, and data preprocessing, as listed in

Table 3. Implementation Environment.

Component	Specification
Operating System	Ubuntu 20.04 LTS
Development IDE	Visual Studio Code 1.105.1
Programming Lang.	Python 3.x
Deep Learning	TensorFlow-GPU 2.4, Keras 2.4.3
Machine Learning	scikit-learn 0.24.0
Data Processing	Pandas 1.1.5, NumPy 1.19.5
Utilities	tqdm 4.50.0, Matplotlib 3.3, Seaborn 0.11
Hardware	Intel Core i5 CPU, 16 GB RAM, NVIDIA RTX 3060 Ti GPU (8 GB VRAM)

.

4.2. Dataset Information

This study employs two widely used benchmark datasets: NSL-KDD and UNSW-NB15. Both are publicly available and extensively adopted in intrusion detection research, offering complementary perspectives—NSL-KDD as a refined classical benchmark and UNSW-NB15 as a modern traffic dataset. Detailed descriptions and references are provided in the following subsections.

4.2.1. NSL-KDD

The NSL-KDD dataset is an enhanced and cleaned version of the original KDD’99 benchmark [45]. Its refinement—removing redundant records and mitigating severe class imbalance—was systematically analyzed and documented by Tavallaee et al. [46]. The dataset comprises 41 features representing network-traffic connections, grouped into five major classes: Normal, Denial-of-Service (DoS), Probe, Remote-to-Local (R2L), and User-to-Root (U2R), and is publicly available through the Canadian Institute for Cybersecurity (CIC) [47].

A key limitation of NSL-KDD is its strong class imbalance. While the Normal and DoS dominate, the minority classes (R2L and U2R) contain only a few hundred instances, posing significant challenges for conventional classifiers.

Table 4. Original Class Distribution of NSL-KDD.

Class	Type	Training Set	Test Set	Total	Ratio (%)
Normal	Major	67,342	9710	77,052	51.88%
DoS	Major	45,927	7457	53,384	35.95%
Probe	Minor	11,656	2421	14,077	9.48%
R2L	Minor	995	2754	3749	2.52%
U2R	Rare	52	200	252	0.17%

summarizes the training and testing distributions for each class.

4.2.2. UNSW-NB15

The UNSW-NB15 dataset was generated in a controlled environment at the Cyber Range Lab of UNSW Canberra using the IXIA PerfectStorm tool [48]. It consists of modern network traffic with 49 features, including both flow-based and content-based attributes, and is considered more representative of real-world attacks compared to NSL-KDD. The dataset is divided into ten classes: Normal, Generic, Exploits, Fuzzers, DoS, Reconnaissance, Analysis, Backdoor, Shellcode, and Worms.

Similarly to NSL-KDD, the UNSW-NB15 dataset exhibits highly skewed class distribution. Dominant classes such as Generic and Exploits make up most of the samples, while minority classes like Worms and Shellcode are extremely underrepresented. These rare classes are crucial for intrusion detection systems but are often overlooked by classifiers due to their scarcity.

Table 5. Original Class Distribution of UNSW-NB15.

Class	Type	Training Set	Test Set	Total	Ratio (%)
Analysis	Minor	2000	667	2667	1.04%
Backdoor	Minor	1746	583	2329	0.90%
DoS	Minor	12,264	4089	16,353	6.35%
Exploits	Major	33,393	11,132	44,525	17.28%
Fuzzers	Minor	18,184	6062	24,246	9.41%
Generic	Major	40,000	18,871	58,871	22.85%
Normal	Major	56,000	37,000	93,000	36.09%
Reconnaissance	Minor	10,491	3494	13,985	5.43%
Shellcode	Minor	1133	378	1511	0.59%
Worms	Rare	130	44	174	0.07%

presents detailed statistics for the UNSW-NB15 dataset, which is publicly available from the UNSW Canberra research portal [49].

4.2.3. Dataset Challenges (Imbalance and Overlap)

Both NSL-KDD and UNSW-NB15 pose two critical challenges that hinder intrusion detection performance: class imbalance and class overlap. In NSL-KDD, most records belong to Normal and DoS categories, while minority classes such as R2L and U2R account for less than 5% of the samples, causing classifiers to favor majority classes and overlook rare but critical intrusions. A similar imbalance exists in UNSW-NB15, where Generic and Exploits dominate, and rare classes like Worms and Shellcode have only a few hundred instances.

Class overlap further complicates UNSW-NB15, as attack categories such as Exploits, Generic, and Fuzzers share similar traffic features, leading to ambiguous decision boundaries and frequent misclassification. Consequently, models trained on such data often fail to generalize effectively to unseen attack variants.

In short, these challenges highlight the need for advanced data augmentation strategies that can both balance class representation and enhance feature separability across intrusion categories.

Dataset scope. NSL-KDD and UNSW-NB15 are widely used IDS benchmarks, representing conventional (primarily IPv4) enterprise and LAN traffic. They do not explicitly capture SDN control/data-plane behaviors or IPv6 flows; therefore, the empirical findings of this study are interpreted within this scope.

4.2.4. Relevance to This Study

The coexistence of class imbalance and overlap makes NSL-KDD and UNSW-NB15 rigorous and suitable benchmarks for evaluating the proposed MIDS-GAN framework. Unlike traditional oversampling methods that simply replicate minority samples, MIDS-GAN is designed to (i) balance minority class representation, (ii) preserve distributional similarity to real data, and (iii) enhance classifier performance in detecting rare intrusions while mitigating misclassification caused by overlapping features.

By simultaneously addressing imbalance and overlap, the proposed framework targets two critical challenges in intrusion detection research. The selected datasets thus serve as realistic testbeds for evaluating the effectiveness of MIDS-GAN in enhancing minority intrusion detection within complex and heterogeneous network environments.

4.3. Implementation Details

To ensure reproducibility, this section summarizes the implementation settings used for training and evaluating the proposed MIDS-GAN. It details the GAN architecture, training hyperparameters, and evaluation protocols, including latent dimension, batch size, optimizer configuration, and the number of training epochs. Additionally, the settings of baseline oversampling methods and classifier models are kept consistent to ensure a fair comparison.

4.4. Model Hyperparameter Configuration

The architectural and training configurations of MIDS-GAN were carefully selected to balance stability, convergence, and expressiveness in modeling minority class distributions.

Table 6. Hyperparameters of MIDS-GAN variants.

Parameter	NSL–ACON	NSL–ReLU	UNSW–ACON	UNSW–ReLU
Epochs	2000	2000	2000	2000
Batch size	128	128	128	128
Latent dim (z)	100	100	100	100
Optimizer (G/D)	Adam	Adam	Adam	Adam
LR (G/D)	2 × 10−4	2 × 10−4	2 × 10−4	2 × 10−4
Layers (G/D)	4/4	4/4	4/4	4/4
Hidden units (G)	128 → 64 → 32 →$(*d_{NSL})$	128 → 64 → 32 → $\left(d_{NSL}\right)$	128 → 64 → 32 → $(*d_{UNSW})$	128 → 64 → 32→ $\left(d_{UNSW}\right)$
Hidden units (D)	128 → 64 → 32 → $(1 + C_{NSL})$	128 → 64 → 32 → $(1 + C_{NSL})$	128 → 64 → 32 → $(1 +C_{UNSW})$	128 → 64 → 32 → $(1 + C_{UNSW})$
Activation	ACON (trainable α,β,γ)	ReLU	ACON (trainable α,β,γ)	ReLU
Dropout	0.2	0.2	0.2	0.2
Update Ratio (D:G)	1:3	1:3	1:3	1:3
Validation	5-fold CV	5-fold CV	5-fold CV	5-fold CV

* Note: $d_{NSL}$ and $d_{UNSW}$ denote the feature dimensions of the respective datasets. The hyperparameters listed in Table 6 were selected based on commonly adopted configurations in GAN-related studies [15,19,24] and were empirically refined for convergence stability on NSL-KDD and UNSW-NB15 datasets.

summarizes the key hyperparameters used across four experimental setups—ACON and ReLU activations on both NSL-KDD and UNSW-NB15 datasets. These configurations were consistently applied in all GAN training phases to ensure comparability and reproducibility.

Justification of Hyperparameters

The hyperparameter selection for MIDS-GAN was guided by empirical best practices and the convergence behavior of Kullback–Leibler (KL) divergence between real and synthetic data distributions. Rather than manual tuning of downstream classifiers, the focus was placed on GAN-side configurations that directly affect the fidelity of minority class generation. The complete configuration is presented in Table 6.

All models used a latent dimension of 100, batch size of 128, and a discriminator-to-generator update ratio of 1:3. The latent dimension was set to 100, following common practice in GAN research, to balance expressive capacity and training stability. A batch size of 128 was selected to optimize computational efficiency and stable gradient estimation. Training was conducted for 2000 epochs, empirically determined from the KL divergence curves, which steadily decreased and plateaued around epochs 1800–2000 (Figure 3 and Figure 4). This indicates sufficient generator convergence for learning of minority-class patterns in highly imbalanced datasets without further oscillation or collapse.

The generator and discriminator were optimized using Adam with learning rates of 0.0002 and 0.0001, respectively, to stabilize adversarial training and prevent mode collapse, given the discriminator’s faster convergence. The proposed model employed ACON (with trainable parameters α, β, γ) to enhance non-linearity and adaptability, while ReLU was included as a baseline for comparison. This adaptive activation approach is conceptually aligned with strategies such as SPOCU, addressing limitations of fixed activations like ReLU. KL divergence plots confirmed that ACON-based models converged faster and more smoothly, especially for challenging classes such as R2L and U2R (NSL-KDD) and Worms and Shellcode (UNSW-NB15). This KL-guided convergence thus functions both as a stopping criterion and as an indirect indicator of synthetic data quality and diversity.

Evaluation metrics included weighted F1-score, precision, recall, and KL divergence to provide a comprehensive assessment of performance, particularly under class imbalance. A 5-fold cross-validation was used to ensure the reliability and robustness of the results.

Overall, these hyperparameter choices, supported by divergence-based monitoring, enabled MIDS-GAN to generate class-balanced synthetic samples that closely reflect the real data distribution, thus enhancing both data utility and downstream classifier performance.

4.5. Evaluation Criteria

To evaluate the effectiveness of the generated synthetic data and the classifiers used in this study, four widely recognized performance metrics were used: precision, recall, F1-score, and weighted F1-score. Derived from the confusion matrix, these metrics are essential for assessing detection capability, particularly under class imbalance.

The precision metric measures the proportion of correctly predicted positive instances relative to all predicted positives:

$$Precision={\displaystyle \frac{TP}{TP+FP}}$$

(20)

The recall metric, also known as sensitivity, quantifies the proportion of actual positives correctly identified:

$$Recall={\displaystyle \frac{TP}{TP+FN}}$$

(21)

The F1-score is the harmonic mean of precision and recall, balancing their contributions when evaluating models under class imbalance:

$$F1-score=2\cdot {\displaystyle \frac{Precision\cdot Recall}{Precision+Recall}}$$

(22)

To address class imbalance across multiple labels, the weighted F1-score was employed. This metric accounts for the support (sample count) of each class i when averaging:

$$\mathrm{Weighted} F1={\displaystyle \frac{{\sum }_{i=1}^K{\mathrm{Support}}_i\cdot F{1}_i}{\mathrm{Total}}}$$

(23)

where

• TP = True Positives.
• FP = False Positives.
• FN = False Negatives.

• ${\mathrm{Support}}_i$= Number of true instances in class $i$

• $F{1}_i$ = F1-score of class $i$

• $K$ = Total number of classes.

To ensure the generalizability and statistical robustness of the evaluation, 5-fold cross-validation $(K=5)$ was employed. This approach minimizes bias from any specific train-test split and verifies that performance improvements from synthetic data generation remain consistent across folds.

4.6. Comparative Results and Effectiveness of MIDS-GAN

To validate the effectiveness of the proposed MIDS-GAN, its performance was compared with widely used oversampling baselines (SMOTE, ADASYN, SMOTEENN, and Borderline-SMOTE) across two benchmark datasets: NSL-KDD and UNSW-NB15. Evaluation was conducted using multiple classifiers (Random Forest, Decision Tree, Neural Network, and SVM) based on precision, recall, F1-score, and weighted F1. Particular attention was placed on minority classes (R2L, U2R, Shellcode, Worms), which represent the most challenging scenarios in intrusion detection.

4.6.1. NSL-KDD Results

As shown in

Table 7. Classification performance of classifiers on NSL-KDD with and without MIDS-GAN.

		Precision (%)	Recall (%)	F1 Score (%)	Precision (%)	Recall (%)	F1 Score (%)
Class	Classifier	Original Data			MIDS
DoS	Random forest	96	78	86	93	87	90
DoS	Decision tree	95	79	86	90	75	82
DoS	Neural network	96	81	88	92	83	87
DoS	SVM	96	78	86	95	82	88
Probe	Random forest	84	62	72	44	86	58
Probe	Decision tree	81	65	72	41	86	56
Probe	Neural network	73	60	66	43	83	56
Probe	SVM	80	2	67	42	87	57
R2L	Random forest	96	2	5	67	27	39
R2L	Decision tree	71	5	9	41	86	55
R2L	Neural network	85	9	16	43	82	56
R2L	SVM	97	8	16	42	87	57
U2R	Random forest	62	1	3	60	17	26
U2R	Decision tree	60	6	11	44	23	30
U2R	Neural network	72	8	15	61	30	40
U2R	SVM	57	1	2	35	26	30

, MIDS-GAN achieved notable improvement in detecting challenging classes. For example, R2L recall increased from 2% to 27% with Random Forest, and U2R recall improved from 1% to 17% with SVM. These results demonstrate that MIDS-GAN effectively captures the underlying distribution of rare classes, outperforming oversampling methods. Meanwhile, majority classes such as DoS and Normal maintained strong performance, indicating that enhanced minority detection did not compromise majority-class accuracy.

4.6.2. 2 UNSW-NB15 Results

The UNSW-NB15 dataset poses greater challenges due to pronounced class overlap. Nevertheless, MIDS-GAN achieved significant improvements for minority-class detection. For example, Worms recall increased from 18% to 44% with Random Forest, and Shellcode recall improved from 69% to 75% with Decision Tree (

Table 8. Classification performance of classifiers on UNSW-NB15 with and without MIDS-GAN.

		Precision (%)	Recall (%)	F1 Score (%)	Precision (%)	Recall (%)	F1 Score (%)
Class	Classifier	Original Data			MIDS
Analysis	Random forest	0	0	0	0	0	0
Analysis	Decision tree	1	7	3	2	8	4
Analysis	Neural network	0	0	0	0	0	0
Analysis	SVM	0	0	0	0	0	0
Backdoor	Random forest	2	12	3	2	1	4
Backdoor	Decision tree	2	10	3	3	1	5
Backdoor	Neural network	2	1	1	3	2	2
Backdoor	SVM	6	5	11	8	1	2
DoS	Random forest	57	10	17	28	33	30
DoS	Decision tree	29	19	23	27	30	28
DoS	Neural network	28	5	9	31	64	42
DoS	SVM	32	34	33	32	70	44
Exploits	Random forest	60	79	68	78	66	71
Exploits	Decision tree	62	68	65	73	61	66
Exploits	Neural network	56	88	68	74	64	69
Exploits	SVM	81	49	61	83	52	64
Fuzzers	Random forest	30	57	39	86	70	77
Fuzzers	Decision tree	27	47	35	91	65	75
Fuzzers	Neural network	31	52	39	80	61	69
Fuzzers	SVM	22	51	31	71	50	59
Generic	Random forest	100	96	98	100	96	98
Generic	Decision tree	98	97	98	99	97	98
Generic	Neural network	99	95	97	99	95	97
Generic	SVM	99	94	97	99	95	97
Reconnaissance	Random forest	92	80	86	89	82	86
Reconnaissance	Decision tree	89	78	83	88	80	84
Reconnaissance	Neural network	68	82	75	80	81	80
Reconnaissance	SVM	44	79	57	50	85	63
Shellcode	Random forest	39	71	50	40	75	52
Shellcode	Decision tree	36	69	47	38	71	49
Shellcode	Neural network	22	64	33	30	59	40
Shellcode	SVM	7	69	14	16	37	22
Worms	Random forest	57	18	27	69	44	53
Worms	Decision tree	52	52	52	45	63	52
Worms	Neural network	50	15	24	43	10	17
Worms	SVM	4	72	7	7	16	25

). In contrast, traditional oversampling methods often produced marginal or even negative effects on these rare categories. Notably, majority classes such as Generic and Exploits retained high F1-scores (above 95%), indicating that synthetic augmentation did not degrade classifier performance on dominant classes.

4.6.3. Weighted F1-Score Comparison

To provide a dataset-wide perspective,

Table 9. Weighted F1-scores on NSL-KDD.

Model	Random Forest	Decision Tree	Neural Network	SVM
Original	70	71	71	68
SMOTE	71	72	70	71
ADASYN	72	66	70	71
SMOTEENN	73	70	71	71
Borderline-SMOTE	73	70	70	71
MIDS-ACON	72	69	70	71
MIDS-RELU	72	71	70	71

and

Table 10. Weighted F1-scores on UNSW-NB15.

Model	Random Forest		Decision Tree		Neural Network		SVM
Original	76		76		67		58
SMOTE	77		75		73		70
ADASYN	77		75		73		69
SMOTEENN	73		73		67		68
Borderline-SMOTE	77		75		72		69
MIDS-ACON	78		77		77		73
MIDS-RELU	71		77		77		73
Weighted F1-scores	UNSW-NB15	NSL-KDD	UNSW-NB15	NSL-KDD	UNSW-NB15	NSL-KDD	UNSW-NB15	NSL-KDD
Original	76	70	76	71	67	71	58	68
SMOTE	77	71	75	72	73	70	70	71
ADASYN	77	72	75	66	73	70	69	71
SMOTEENN	73	73	73	70	67	71	68	71
Borderline-SMOTE	77	73	75	70	72	70	69	71
MIDS-ACON	78	72	77	69	77	70	73	71
MIDS-RELU	71	72	77	71	77	70	73	71

summarize the weighted F1-scores across all classifiers and augmentation methods.

The weighted F1-score comparisons confirm that MIDS-GAN achieves performance comparable to or better than conventional oversampling baselines. On NSL-KDD, results were stable across classifiers, with MIDS-ACON matching or slightly exceeding SMOTE and Borderline-SMOTE. On UNSW-NB15, MIDS-ACON consistently outperformed baseline methods in our evaluations, reaching 78% weighted F1 with Random Forest, exceeding both SMOTE (77%) and ADASYN (77%). These findings indicate that the adaptive activation (ACON) provides a measurable advantage over ReLU by modeling more complex decision boundaries.

Overall, the weighted F1 performance across all classifiers and augmentation methods (Table 9 and Table 10) demonstrates dataset-wide improvements, complementing the class-specific recall gains observed for minority attack categories.

Table 11. ΔRecall on ultra-minority classes (NSL-KDD and UNSW-NB15).

Dataset	Class	Classifier	Recall	Recall	∆Recall (%)
			(Original) (%)	(MIDS-GAN) (%)
NSL-KDD	R2L	Random Forest	2	27	25
NSL-KDD	U2R	SVM	1	26	25
UNSW-NB15	Worms	Random Forest	18	44	26

and

Table 12. Cross-study ΔRecall (%) on ultra-minority classes (best classifier per study). (“Advantage” = MIDS-GAN − DGM, in percentage points.)

Dataset	Class	MIDS-GAN	Best Classifier	DGM [19]	Best Classifier	Advantage (pp)
NSL-KDD	R2L	+25 (2→27)	Random Forest	+17 (9→26)	SVM	+8
NSL-KDD	U2R	+25 (1→26)	SVM	+8 (9→17)	Random Forest	+17
UNSW-NB15	Worms	+26 (18→44)	Random Forest	+1 (0→1)	Random Forest	+25
Average Improvement (Δ pp)						≈+16.7

Note. Due to variations in experimental protocols across studies, these figures are presented for contextual comparison rather than a direct ranking.

highlight the recall improvements for key minority classes in the NSL-KDD and UNSW-NB15 datasets. The results demonstrate substantial performance gains for rare classes such as R2L, U2R, Shellcode, and Worms, indicating the effectiveness of MIDS-GAN augmentation.

Minority-class sensitivity. While the weighted F1 summarizes overall performance, Table 11 highlights the largest ΔRecall on rare but critical classes—R2L, U2R, and Worms—demonstrating substantial gains for ultra-minority detection. Additionally, Table 12 presents a cross-study comparison of ΔRecall (%) for ultra-minority classes between MIDS-GAN and the recently proposed Data Generative Model (DGM) [19], highlighting MIDS-GAN’s superior effectiveness in detecting ultra-minority categories.

5. Discussion

5.1. Portability and Scope

MIDS-GAN, designed for tabular flow and content features, is inherently adaptable to other network environments (e.g., IPv6, SDN, 5G and beyond) given suitable protocol-specific features and labeled data, with retraining and validation in those contexts. However, current evidence is limited to NSL-KDD and UNSW-NB15, and no out-of-scope performance is claimed.

5.2. Limitations

The evaluated datasets (NSL-KDD, UNSW-NB15) primarily represent conventional IPv4 enterprise and LAN traffic and do not capture model SDN control/data-plane dynamics or IPv6 flows. Consequently, external validity to IPv6, SDN, and 5G-and-beyond environments remains to be established.

5.3. Significance of Recall Improvement on Ultra-Minority Classes

While most GAN-based IDS studies focus on overall F1-score, such aggregate metrics can obscure the detection behavior of ultra-minority classes (e.g., U2R, R2L, Worms, Shellcode). In contrast, Recall directly reflects a model’s ability to detect true attacks, where even small shortfalls may result in undetected intrusions. The proposed MIDS-GAN achieved consistent 25–26 percentage points (pp) Recall improvement across both datasets, outperforming the DGM framework [19] by an average margin of ≈16.7 pp (Table 11 and Table 12). The results demonstrate the framework’s effectiveness in expanding minority-class manifolds and reducing false negatives.

Additionally, the enhanced Recall underscores MIDS-GAN’s security-oriented robustness, driven by its integration of ACON-based adaptive activations and KL-divergence alignment, which collectively improve class separability, and reduce false negatives under severe class imbalance. Baseline data distributions prior to augmentation (Appendix A) further confirm that MIDS-GAN effectively expands sparse and overlapping minority classes, thereby improving both detection reliability and generalization.

6. Conclusions

This study introduced MIDS-GAN, a divergence-guided augmentation framework that enhances distributional alignment between real and synthetic network traffic for intrusion detection. Evaluation on NSL-KDD and UNSW-NB15 demonstrated that MIDS-GAN significantly improved the detection of ultra-minority classes (e.g., R2L/U2R; Shellcode/Worms) without compromising majority-class performance. The findings emphasize that class-conditional generation with KL-guided training and ACON activations provides a principled and effective alternative to heuristic oversampling such as SMOTE, ADASYN, SMOTEENN, and Borderline-SMOTE.

Future work will extend framework’s generalizability by evaluating MIDS-GAN on SDN, IPv6, and 5G datasets incorporating protocol-appropriate features and broader telemetry. Further investigation will assess robustness under domain and temporal shifts, conduct targeted ablations, and evaluate computational efficiency for practical deployment.