Design and Optimization of Hybrid CNN-DT Model-Based Network Intrusion Detection Algorithm Using Deep Reinforcement Learning

With the rapid development of network technology, modern systems are facing increasingly complex security threats, which motivates researchers to continuously explore more advanced intrusion detection systems (IDSs). Even though they work effectively in some situations, the existing IDSs based on machine learning or deep learning still struggle with detection accuracy and generalization. To address these challenges, this study proposes an innovative network intrusion detection algorithm that combines convolutional neural networks (CNNs) and decision trees (DTs) together, named CNN-DT algorithm. In the CNN-DT algorithm, CNN extracts high-level features from data packets first, then the decision tree quickly determines the presence of intrusions based on these high-level features, while providing a clear decision path. Moreover, the study proposes a novel adaptive hybrid pooling mechanism that integrates maximal pooling, average pooling, and global maximal pooling. The hyperparameters of the CNN network are also optimized by actor–critic (AC) deep reinforcement learning algorithm (DRL). The experimental results show that the CNN–decision tree (DT) algorithm optimized by actor–critic (AC) achieves an accuracy of 0.9792 on the KDD dataset, which is 5.63% higher than the unoptimized CNN-DT model.