Abstract

Network intrusion detection systems (NIDS) are critical for protecting modern cyber infrastructure against evolving threats. Traditional machine learning approaches often struggle with high-dimensional network traffic data and class imbalance. This paper proposes a novel hybrid intrusion detection framework combining Information Gain (IG) for feature selection, Grey Wolf Optimizer (GWO) for hyperparameter optimization, and TabNet for deep learning-based classification. The IG module reduces dimensionality by selecting the most discriminative features, GWO optimizes TabNet’s architecture and learning parameters, and TabNet’s attention-based mechanism enables interpretable predictions. We evaluate our approach on four benchmark datasets: CIC-IDS2017, NSL-KDD, UNSW-NB15, and CIC-DDoS2019. On CIC-IDS2017, our method achieves 99.47 ± 0.11% accuracy, outperforming the second-best (GWO-TabNet:99.12 ± 0.15%) by 0.35% with high statistical significance (p < 0.001).

Key words: Intrusion Detection System, Information Gain, Grey Wolf Optimizer, TabNet, Deep Learning, Feature Selection, Hyperparameter Optimization, Network Security