The Gorilla Troops Optimizer-Based Ensemble Deep Learning Model for Real-Time Zero-Day Attack Detection and Classification
Received: 17 May 2025 | Revised: 16 June 2025 and 4 July 2025 | Accepted: 6 July 2025 | Online: 1 December 2025
Corresponding author: J. Vanitha
Abstract
Securing computer networks is increasingly important and is receiving significant attention. Security attacks, especially zero-day attacks, pose significant risks to enterprise and critical networks because the vulnerabilities involved are unknown and detection is difficult. To ensure cybersecurity in networks, Intrusion Detection Systems (IDSs) monitor network traffic for malicious actions and related attacks. Deep Learning (DL)- and Machine Learning (ML)-based IDSs are widely adopted for their adaptability and robust detection capabilities, particularly against zero-day attacks. This study presents the Gorilla Troops Optimizer-based Ensemble DL Model for Zero-Day Attack Detection (GTOEDLM-ZDAD) technique, which aims to detect and classify zero-day attacks using ensemble and advanced optimization algorithms. First, Linear Scaling Normalization (LSN) is applied, and the Chimpanzee Optimization Algorithm (ChoA) is used for feature subset selection. An ensemble DL model then uses a Deep Q-Network (DQN), a Bidirectional Gated Recurrent Unit (BiGRU), and a Deep Belief Network (DBN) for classification. Finally, Gorilla Troops Optimizer (GTO)-based hyperparameter tuning is performed. In a wide range of experiments on the ToN-IoT dataset, the GTOEDLM-ZDAD technique achieved an accuracy of 98.33%, superior to existing approaches and baseline models.
Keywords:
Gorilla Troops Optimizer (GTO), ensemble models, zero-day attacks detection, feature selection, linear scaling normalization
License
Copyright (c) 2025 J. Vanitha, P. Anandababu

This work is licensed under a Creative Commons Attribution 4.0 International License.
