Emerging Research Trends and Technologies in Intrusion Detection Systems (IDSs) and Artificial Intelligence (AI) Utilization

A special issue of Electronics (ISSN 2079-9292). This special issue belongs to the section "Computer Science & Engineering".

Deadline for manuscript submissions: 15 August 2026 | Viewed by 2085

Special Issue Editor


Guest Editor
Computer Security Department, New York State University at Farmingdale, New York, NY 11735, USA
Interests: cybersecurity; intrusion detection; machine learning

Special Issue Information

Dear Colleagues,

With the increasing complexity and diversity of network threats, Intrusion Detection Systems (IDSs) are confronted with more stringent performance demands, and the integration of artificial intelligence (AI) has become a key driver for their advancement.

This Special Issue focuses on emerging research trends and technologies in Intrusion Detection Systems (IDSs) and artificial intelligence (AI) and is intended to improve IDS designs. Interested researchers are invited to submit manuscripts that relate to, but are not limited to, the following topics: artificial intelligence, optimization, quantum and post-quantum technologies, automation, software development, authentication, cryptography, and automated system designs for IDS improvements. This Special Issue particularly welcomes recent studies exploring traditional and quantum artificial intelligence and their applications in IDSs. All researchers, graduate students, and faculty of universities and other organizations are invited to participate in this publication by submitting novel research results that contribute theoretical and practical insights.

Focus areas include (but are not limited to) the following:

  • Intrusion detection systems;
  • Network security;
  • Application security;
  • Cloud security;
  • Endpoint security;
  • Data security;
  • Identity and access management;
  • Operational security;
  • Incident response;
  • Forensics;
  • IoT security;
  • Mobile security;
  • Critical infrastructure security;
  • Cyber threat intelligence security;
  • Cryptography;
  • Governance, risk, and compliance;
  • Zero trust;
  • Physical security;
  • Human security;
  • Vulnerability management;
  • Machine learning;
  • Deep learning.

Dr. Emre Tokgoz
Guest Editor

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 250 words) can be sent to the Editorial Office for assessment.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Electronics is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • intrusion detection system
  • artificial intelligence
  • machine learning
  • deep learning
  • optimization
  • quantum and post-quantum technologies
  • automation
  • software solutions
  • authentication
  • cryptography
  • network system design
  • automated cryptographic system design

Benefits of Publishing in a Special Issue

  • Ease of navigation: Grouping papers by topic helps scholars navigate broad scope journals more efficiently.
  • Greater discoverability: Special Issues support the reach and impact of scientific research. Articles in Special Issues are more discoverable and cited more frequently.
  • Expansion of research network: Special Issues facilitate connections among authors, fostering scientific collaborations.
  • External promotion: Articles in Special Issues are often promoted through the journal's social media, increasing their visibility.
  • Reprint: MDPI Books provides the opportunity to republish successful Special Issues in book format, both online and in print.

Further information on MDPI's Special Issue policies can be found here.

Published Papers (4 papers)


Research

26 pages, 12505 KB  
Article
Hardware–Software Co-Optimized Lightweight Real-Time CAN Intrusion Detection and Prevention System for ECUs
by Youngmin Jang, Hyungchul Im, Jonggwon Kim, Semin Kim, Eunsu Kim and Seongsoo Lee
Electronics 2026, 15(10), 2108; https://doi.org/10.3390/electronics15102108 - 14 May 2026
Abstract
The Controller Area Network (CAN) protocol used in in-vehicle networks is vulnerable to external attacks because it lacks authentication and encryption mechanisms. Accordingly, CAN Intrusion Detection Systems (IDSs) have been studied. However, existing IDSs remain difficult to deploy in practical vehicles because of their limited real-time capability, complex preprocessing, and high computational cost. To overcome these limitations, this paper proposes an ultra-lightweight Convolutional Neural Network (CNN)-based IDS that significantly reduces parameters and computational complexity while maintaining high detection performance. The proposed IDS improves area efficiency through a streaming pipeline, computation-block reuse, and constrained Processing Element (PE) parallelism. In addition, its lightweighting effect was quantitatively evaluated against an RTL baseline implemented under identical platform and design constraints. When an attack is detected, an Intrusion Prevention System (IPS) integrated with the CAN controller generates an error frame to block it in real time. The proposed IDS achieved over 99.97% detection performance for known frame-level message-injection scenarios on the Car-Hacking Dataset. It also achieved branch-wise real-time feasibility with an 11.46 µs ID-branch precomputation latency and a 5.68 µs DATA-complete-to-decision latency at 50 MHz. In TSMC 28 nm ASIC synthesis, the proposed IDS required 70,592 gates, with an estimated ASIC power of 2.0231 mW and an active inference energy of 34.68 nJ.

16 pages, 919 KB  
Article
A Comparative Performance Study of Host-Based Intrusion Detection Using TextRank-Based System Call Preprocessing and Deep Learning Models
by Hyunwook You, Chulgyun Park, Dongkyoo Shin and Dongil Shin
Electronics 2026, 15(9), 1856; https://doi.org/10.3390/electronics15091856 - 27 Apr 2026
Viewed by 346
Abstract
Host-based intrusion detection systems (HIDSs) can address the limitations of network-based detection by analyzing system calls and other low-level events. Many existing benchmark datasets remain inadequate for evaluating modern attacks because they were built in outdated environments and cover only a limited set of attack behaviors. To address this gap, this study builds a TextRank-based preprocessing pipeline on the LID-DS 2021 dataset and compares five end-to-end pipelines: Random Forest (RF), Long Short-Term Memory (LSTM), Convolutional Neural Network (CNN) + LSTM, LSTM, Bidirectional LSTM (BiLSTM), and CNN + Bidirectional Gated Recurrent Unit (BiGRU). Of the 15 scenarios in the dataset, six multi-stage attacks were excluded, and three representative scenarios were selected based on attack-category coverage and suitability for single-chunk host-level detection. Within these three selected scenarios and same-scenario file-level splits, the deep learning pipelines achieved F1-scores of 0.90–0.94, whereas RF ranged from 0.55 to 0.63. Among the evaluated pipelines, CNN + BiGRU produced the strongest overall results. These findings indicate that, under this constrained evaluation setting, sequential deep learning pipelines can be effective for scenario-specific system-call-based HIDS; however, broader generalization to unseen attacks or to the full LID-DS 2021 scenario set remains unverified.

27 pages, 3484 KB  
Article
Enhancing RMF and ATT&CK Mapping Accuracy Through Integration of Sentence-BERT and Mitigation Parameters
by Hanhee Lee, Sukjoon Yoon, Yunkyung Lee and Jiwon Kang
Electronics 2026, 15(6), 1248; https://doi.org/10.3390/electronics15061248 - 17 Mar 2026
Viewed by 530
Abstract
To minimize cybersecurity risks in weapon systems, the implementation of the Korean Risk Management Framework (K-RMF) has become imperative. However, a significant “strategic gap” exists between high-level RMF controls and technical MITRE ATT&CK techniques, rendering manual mapping labor-intensive. This study proposes an automated mitigation-driven pipeline that integrates Sentence-BERT (SBERT) with the structural defense relationships of the ATT&CK knowledge graph. To address the data coverage limitations of the Center for Threat-Informed Defense (CTID) silver standard, we introduce Recall@restricted as a calibrated performance metric. Experimental evaluations demonstrate that the proposed ensemble framework achieves a Recall@restricted of 0.74, significantly outperforming baseline SBERT-only models. These findings suggest that deterministic mitigation relationships effectively complement semantic representations, providing a robust framework for aligning RMF controls with adversarial behaviors.

24 pages, 3150 KB  
Article
An Intrusion Detection Model Based on Equalization Loss and Spatio-Temporal Feature Extraction
by Miaolei Deng, Shaojun Fan, Yupei Kan and Chuanchuan Sun
Electronics 2026, 15(3), 646; https://doi.org/10.3390/electronics15030646 - 2 Feb 2026
Viewed by 567
Abstract
In recent years, the expansion of network scale and the diversification of attack methods pose dual challenges to intrusion detection systems in extracting effective features and addressing class imbalance. To address these issues, the Spatial–Temporal Equilibrium Graph Convolutional Network (STEGCN) is proposed. This model integrates Graph Convolutional Network (GCN) and Gated Recurrent Unit (GRU), leveraging GCN to extract high-order spatial features from network traffic data while capturing complex topological relationships and latent patterns. Meanwhile, GRU efficiently models the dynamic evolution of network traffic over time, accurately depicting temporal trends and anomaly patterns. The synergy of these two components provides a comprehensive representation of network behavior. To mitigate class imbalance in intrusion detection, the Equalization Loss v2 (EQLv2) is introduced. By dynamically adjusting gradient contributions, this function reduces the dominance of majority classes, thereby enhancing the model’s sensitivity to minority-class attacks. Experimental results demonstrate that STEGCN achieves superior detection performance on the UNSW-NB15 and CICIDS2017 datasets. Compared with traditional deep learning models, STEGCN shows significant improvements in accuracy and recall, particularly in detecting minority-class intrusions.
