Network Anomaly Detection System using Transformer Neural Networks and Clustering Techniques

Ayomitope Isijola; Michael Asefon; Ufuoma Ogude; Adetoro Mayowa Sola; Temiloluwa Adebowale; Isabella Akunekwu

doi:10.36079/lamintang.ijai-01201.837

Network Anomaly Detection System using Transformer Neural Networks and Clustering Techniques

Ayomitope Isijola https://orcid.org/0009-0005-3580-7888
Michael Asefon https://orcid.org/0009-0006-1671-8182
Ufuoma Ogude
Adetoro Mayowa Sola https://orcid.org/0009-0001-0473-5165
Temiloluwa Adebowale
Isabella Akunekwu https://orcid.org/0009-0001-7144-5846

DOI: https://doi.org/10.36079/lamintang.ijai-01201.837

Keywords: Deep Learning, K-means Clustering, Network Anomaly Detection, Neural Network Architecture, Transformer Model

Abstract

This study proposes a hybrid approach for network anomaly detection by integrating a Transformer-based model with clustering techniques. The methodology begins with the application of K-means clustering as a preprocessing step to group similar network traffic data, thereby reducing data complexity and highlighting significant patterns. The clustered data is then fed into a Transformer model, which utilizes multi-head self-attention mechanisms to capture intricate temporal dependencies and contextual relationships within sequential data. This dual-stage approach enhances the model’s ability to differentiate between normal and anomalous behaviors in network traffic. Trained on a network security dataset, the system effectively identifies both common and rare attack types. According to the results, the suggested ensemble classifier outperformed existing deep learning models with an accuracy of over 99.5%, 98.5%, and 99.9% on the UNSW-NB15 dataset. The synergy between the unsupervised pattern recognition of clustering and the deep learning capabilities of Transformers enables a scalable and adaptable solution for real-world network security applications, making it suitable for proactive cyber threat detection and mitigation.

Downloads

Download data is not yet available.

Author Biographies

Ayomitope Isijola

Department of Computer Sciences, University of Lagos. Lagos, Nigeria.

Michael Asefon

Department of Computer Science, National Open University of Nigeria. Nigeria.

Ufuoma Ogude

Department of Computer Science, National Open University of Nigeria. Nigeria.

Adetoro Mayowa Sola

Department of Electrical/Electronics and Computer Engineering, College of Engineering Afe Babalola University Ado. Ekiti State, Nigeria.

Temiloluwa Adebowale

Department of Computer Science, National Open University of Nigeria. Nigeria.

Isabella Akunekwu

Department of Information Management Technology, Federal University of Technology Owerri. Imo, Nigeria.

This is an open access article, licensed under CC-BY-SA

Published

2025-06-28

Downloads : 124

How to Cite

[1]

A. Isijola, M. Asefon, U. Ogude, A. M. Sola, T. Adebowale, and I. Akunekwu, “Network Anomaly Detection System using Transformer Neural Networks and Clustering Techniques”, International Journal of Artificial Intelligence, vol. 12, no. 1, pp. 37-52, Jun. 2025.

Download Citation

Issue

Vol 12 No 1: June 2025

Section

Articles

References

N. Saran and N. Kesswani, “A comparative study of supervised Machine Learning classifiers for Intrusion Detection in Internet of Things”, Procedia Computer Science, vol. 218, no. 8, pp. 2049-2057, 2023.

H. Lv and Y. Ding, “A hybrid intrusion detection system with K-Means and CNN+LSTM”, EAI Endorsed Transactions on Scalable Information Systems, vol. 11, no. 6, pp. 1-9, 2024.

Y. Zhu, Y. Wang, L. Zhou, and Y. Xia, “FC-Trans: Deep Learning Methods for Network Intrusion Detection in Big Data Environments”, Computers & Security, vol. 154, 104392, 2025.

X. Zhang, F. Yang, Y. Hu, Z. Tian, W. Liu, Y. Li, and W. She, “RANet: Network intrusion detection with group-gating convolutional neural network”, Journal of Network and Computer Applications, vol. 198c, 103266, 2022.

T. Acharya, A. Annamalai, and M. Chouikha, “Enhancing the Network Anomaly Detection using CNN-Bidirectional LSTM Hybrid Model and Sampling Strategies for Imbalanced Network Traffic Data”, Advances in Science Technology and Engineering Systems Journal, vol. 9, no. 1, pp. 67-78, 2024.

Y. Zhou, H. Zeng, Z. Zheng, and W. Zhang, “Network traffic anomaly detection model based on feature grouping and multi-autoencoders integration”, Electronics Letters, vol. 60, no. 23, 2024.

Z. Long, H. Yan, G. Shen, X. Zhang, H. He, and L. Cheng, “A Transformer-based Network Intrusion Detection Approach for Cloud Security” Journal of Cloud Computing, vol. 13, no. 1, pp. 1-11, 2024.

S. Tuli, G. Casale, and N.R. Jennings, “TranAD: deep transformer networks for anomaly detection in multivariate time series data”, Proceedings of the VLDB Endowment, vol. 15, no. 6, pp. 1201-1214, 2022.

N. AlDahoul, H. Abdul Karim, and A.S.B. Wazir, “Model fusion of deep neural networks for anomaly detection”, Journal of Big Data, vol. 8, no. 106, 2021.

H. Benaddi, K. Ibrahimi, A. Benslimane, and J. Qadir, “A Deep Reinforcement Learning Based Intrusion Detection System (DRL-IDS) for Securing Wireless Sensor Networks and Internet of Things”, Lecture Notes of the Institute for Computer Sciences, pp. 73-87, 2020.

N. Kunhare, R. Tiwari, and J. Dhar, “Intrusion detection system using hybrid classifiers with meta-heuristic algorithms for the optimization and feature selection by genetic algorithm”, Computers and Electrical Engineering, vol. 103, no. 8, 2022.

M. Maazalahi and S. Hosseini, “A Novel Hybrid Method Using Grey Wolf Algorithm and Genetic Algorithm for IoT Botnet DDoS Attacks Detection”, Int J Comput Intell Syst, vol. 18, no. 61, 2025.

A. Davahli, M. Shamsi, and G. Abaei, “Hybridizing genetic algorithm and grey wolf optimizer to advance an intelligent and lightweight intrusion detection system for IoT wireless networks”, J Ambient Intell Human Comput, vol. 11, pp. 5581-5609, 2020.

A.A. Diro, S. Kaisar, A.V. Vasilakos, A. Anwar, A. Nasirian, and G. Olani, “Anomaly Detection for Space Information Networks: A Survey of Challenges, Techniques, and Future Directions”, Computers and Security, vol. 139, 103705, 2024.

S. Imran Ali, M.F. Zuhairi, S.M. Ali, Z. Shahid, M.M. Alam, and M.M. Su’ud, “Improving Reliability for Detecting Anomalies in the MQTT Network by Applying Correlation Analysis for Feature Selection Using Machine Learning Techniques”, Applied Sciences, vol. 13, no. 11, 2023.