Deep Learning for Cyberattack Detection: A Comparative Analysis of Deep Neural Network (DNN), Long Short-Term Memory (LSTM), and Recurrent Neural Network (RNN)

Gloria Odiaga; Newton Masinde; Castro Yoga

doi:10.55195/jscai.1820478

Deep Learning for Cyberattack Detection: A Comparative Analysis of Deep Neural Network (DNN), Long Short-Term Memory (LSTM), and Recurrent Neural Network (RNN)

Abstract

While the growing accessibility of technology improves usability, it also creates more opportunities for cybercriminals to exploit vulnerabilities, significantly accelerating the proliferation of cybersecurity attacks. Deep learning (DL) approaches present significant advancements over conventional machine learning (ML) techniques by automating feature selection and extraction while minimizing external dependencies. This study proposes a deep learning-based model to enhance cyberattack detection and ensure that data security goals are achieved. This study employs a quantitative research design, utilizing simulation and modeling as the primary analytical tools. The dataset used is the Canadian Institute for Cybersecurity Intrusion Detection System (CIC-IDS-2017) dataset. Three distinct DL algorithms are used to design the detection models, namely, Deep Neural Network (DNN), Long Short-Term Memory (LSTM), and Recurrent Neural Network (RNN). The performance comparison metrics are F1-score, accuracy, sensitivity, false positive rate (FPR), specificity, positive predictive value (PPV), false negative rate (FNR), and negative predictive value (NPV). Optimization concepts are integrated to enhance the detection efficiency in web-based systems, including loss functions, gradient-based optimization, and efficient model generalization techniques. The results of k-fold cross-validation show LSTM’s higher scores for F1-score (94.6%), recall (94.7%), accuracy (94.8%), and precision (94.6%). LSTM outperformed RNN and DNN, achieving the highest accuracy, precision, specificity, and sensitivity at 94.7%, 94.3%, 98.9%, and 94.7% respectively, validating LSTM's superior generalizability for cyberattack detection tasks.

Keywords

References

S. K. Lala and A. Kumar, “Secure Web Development Using OWASP Guidelines,” in Proc. 5th Int. Conf. Intelligent Computing and Control Systems (ICICCS), pp. 323–332, 2021.
T. Sendjaja, E. P. Irwandi, Y. Suryani, and et al., “Cybersecurity in the Digital Age: Developing Robust Strategies to Protect Against Evolving Global Digital Threats and Cyberattacks,” International Journal of Science and Society, vol. 6, no. 1, pp. 1008–1019, 2024.
P. Sharma and H. Gupta, “Emerging Cyber Security Threats and Security Applications in Digital Era,” in Proc. 11th Int. Conf. Reliability, Infocom Technologies and Optimization (ICRITO), pp. 1–6, 2024.
W. S. Admass, Y. Y. Munaye, and A. A. Diro, “Cyber Security: State of the Art, Challenges and Future Directions,” Cyber Security and Applications, vol. 2, p. 100031, 2024.
A. Hoffman, Web Application Security. O’Reilly Media, Inc., 2024. Accessed from https://books.google.co.ke/.
CrowdStrike, “CrowdStrike 2025 Global Threat Report,” 2025. Accessed from https://www.crowdstrike.com/enus/global-threat-report/.
M. Roshanaei, M. R. Khan, and N. N. Sylvester, “Enhancing Cybersecurity Through AI and ML: Strategies, Challenges, and Future Directions,” Journal of Information Security, vol. 15, no. 3, pp. 320–339, 2024.
L. Tukaram, “Deep Learning in Cybersecurity: Applications, Challenges, and Future Prospects,” International Journal of Innovations in Science, Engineering and Management, vol. 4, no. 2, pp. 27–33, 2025.

B. Alotaibi, “Cybersecurity Attacks and Detection Methods in Web 3.0 Technology: A Review,” Sensors, vol. 25, no. 2, p. 342, 2025.
C. Janiesch, P. Zschech, and K. Heinrich, “Machine Learning and Deep Learning,” Electronic Markets, vol. 31, no. 3, pp. 685–695, 2021.
C. Miller, T. Portlock, D. M. Nyaga, and et al., “A Review of Model Evaluation Metrics for Machine Learning in Genetics and Genomics,” Frontiers in Bioinformatics, vol. 4, p. 1457619, 2024.
T. Maurer and R. Morgus, “Compilation of Existing Cybersecurity and Information Security Related Definitions,” 2022. Accessed from https://d1y8sb8igg2f8e.cloudfront.net/documents/compilationof-existing cybersecurity-and-information-securityrelated-definitions.pdf.
P. Nespoli, D. Papamartzivanos, F. G. Marmol, and ´ et al., “Optimal Countermeasures Selection Against Cyber Attacks: A Comprehensive Survey on Reaction Frameworks,” IEEE Communications Surveys and Tutorials, vol. 20, pp. 1361–1396, 2018.
N. Khan, K. Ahmad, A. A. Tamimi, and et al., “Explainable AI-Based Intrusion Detection System for Industry 5.0: An Overview of the Literature, Associated Challenges, the Existing Solutions, and Potential Research Directions,” 2024. arXiv preprint arXiv:2408.03335.
M. Ozkan-Okay, R. Samet, O. Aslan, and et al., “ ¨ A Comprehensive Systematic Literature Review on Intrusion Detection Systems,” IEEE Access, vol. 9, pp. 157727– 157760, 2021.
A. Khraisat, I. Gondal, P. Vamplew, and et al., “Survey of Intrusion Detection Systems: Techniques, Datasets and Challenges,” Cybersecurity, vol. 2, no. 1, pp. 1–22, 2019.
H. J. Liao, C. H. Lin, Y. C. Lin, and et al., “Intrusion Detection System: A Comprehensive Review,” Journal of Network and Computer Applications, vol. 36, no. 1, pp. 16–24, 2013.
M. M. Taye, “Understanding of Machine Learning with Deep Learning: Architectures, Workflow, Applications, and Future Directions,” Computers, vol. 12, no. 5, p. 91, 2023.
I. H. Sarker, “Deep Cybersecurity: A Comprehensive Overview from Neural Network and Deep Learning Perspective,” SN Computer Science, vol. 2, no. 3, p. 154, 2021.
K. Barik, S. Misra, K. Konar, and et al., “Cybersecurity Deep: Approaches, Attacks Dataset, and Comparative Study,” Applied Artificial Intelligence, vol. 36, no. 1, p. 2055399, 2022.
M. Ozkan-Okay, E. Akin, O. Aslan, and et al., “ ¨ A Comprehensive Survey: Evaluating the Efficiency of Artificial Intelligence and Machine Learning Techniques on Cybersecurity Solutions,” IEEE Access, vol. 12, pp. 12229–12256, 2024.
P. S. Muhuri, P. Chatterjee, X. Yuan, and et al., “Using a Long Short-Term Memory Recurrent Neural Network (LSTM-RNN) to Classify Network Attacks,” Information, vol. 11, no. 5, p. 243, 2020.
S. Das, A. Tariq, T. Santos, and et al., “Recurrent Neural Networks (RNNs): Architectures, Training Tricks, and Introduction to Influential Research,” in Machine Learning for Brain Disorders (J. Smith and L. Wang, eds.), pp. 117–138, Springer, 2023.
M. Beck, K. Poppel, M. Spanring, and et al., “ ¨ XLSTM: Extended Long Short-Term Memory,” in Advances in Neural Information Processing Systems, vol. 37, pp. 107547–107603, 2024.
J. Xu and Y. Zhang, “Device Fault Prediction Model Based on LSTM and Random Forest,” 2024. arXiv preprint arXiv:2403.05179.
Z. Alshingiti, R. Alaqel, J. Al-Muhtadi, and et al., “A Deep Learning-Based Phishing Detection System Using CNN, LSTM, and LSTM-CNN,” Electronics, vol. 12, no. 1, p. 232, 2023.
Y. A. Khan, S. Imaduddin, Y. P. Singh, and et al., “Artificial Intelligence Based Approach for Classification of Human Activities Using MEMS Sensors Data,” Sensors, vol. 23, no. 3, p. 1275, 2023.
I. Malashin, V. Tynchenko, A. Gantimurov, and et al., “Applications of Long Short-Term Memory (LSTM) Networks in Polymeric Sciences: A Review,” Polymers, vol. 16, no. 18, p. 2607, 2024.
J. Li and B. Sun, “A Network Attack Detection Method Using SDA and Deep Neural Network Based on Internet of Things,” International Journal of Wireless Information Networks, vol. 27, no. 2, pp. 209–214, 2020.
C. Yin, Y. Zhu, J. Fei, and X. He, “A Deep Learning Approach for Intrusion Detection Using Recurrent Neural Networks,” IEEE Access, vol. 5, pp. 21954–21961, 2017.
S. Sumathi, R. Rajesh, and S. Lim, “Recurrent and Deep Learning Neural Network Models for DDoS Attack Detection,” Journal of Sensors, vol. 2022, no. 3, pp. 1–21, 2022.
A. Boukhalfa, A. Abdellaoui, N. Hmina, and et al., “LSTM Deep Learning Method for Network Intrusion Detection System,” International Journal of Electrical and Computer Engineering, vol. 10, no. 3, pp. 3315– 3322, 2020.
A. Moubayed, “A Complete EDA and DL Pipeline for Softwarized 5G Network Intrusion Detection,” Future Internet, vol. 16, no. 9, p. 331, 2024.
M. B. Kursa and W. R. Rudnicki, “Feature Selection with the Boruta Package,” Journal of Statistical Software, vol. 36, pp. 1–3, 2010.
L. Liao, H. Li, W. Shang, and et al., “An Empirical Study of the Impact of Hyperparameter Tuning and Model Optimization on the Performance Properties of Deep Neural Networks,” ACM Transactions on Software Engineering and Methodology, vol. 31, no. 3, pp. 1–40, 2022.
B. G. Marcot and A. M. Hanea, “What Is an Optimal Value of k in k-Fold Cross-Validation in Discrete Bayesian Network Analysis?,” Computational Statistics, vol. 36, no. 3, pp. 2009–2031, 2021.
E. Krzyszton, I. Rojek, and D. Mikołajewski, “ ´ A Comparative Analysis of Anomaly Detection Methods in IoT Networks: An Experimental Study,” Applied Sciences, vol. 14, no. 24, p. 11545, 2024.
R. Panigrahi and S. Borah, “A Detailed Analysis of CICIDS2017 Dataset for Designing Intrusion Detection Systems,” International Journal of Engineering & Technology, vol. 7, no. 3.24, pp. 479–482, 2018. Available at: https://www.researchgate.net/publication/329045441.
B. Pang, E. Nijkamp, and Y. N. Wu, “Deep Learning with TensorFlow: A Review,” Journal of Educational and Behavioral Statistics, vol. 45, no. 2, pp. 227–248, 2020.
S. Sharma, S. Sharma, and A. Athaiya, “Activation Functions in Neural Networks,” Towards Data Science, vol. 6, no. 12, pp. 310–316, 2017.
O. Hospodarskyy, V. Martsenyuk, N. Kukharska, and et al., “Understanding the Adam Optimization Algorithm in Machine Learning,” 2024. Accessed from https://www.ijeast.com/papers/310- 316,Tesma412,IJEAST.pdf.
J. C. Triana-Martinez, J. Gil-Gonzalez, J. A. Fernandez- ´ Gallego, and et al., “Chained Deep Learning Using Generalized Cross-Entropy for Multiple Annotators Classification,” Sensors, vol. 23, no. 7, p. 3518, 2023.
E. N. Kalei, A Long Short-term Memory Network Model for Detecting Phishing Websites. Doctoral dissertation, University of Nairobi, 2024.
N. Dash, S. Chakravarty, A. K. Rath, N. C. Giri, K. M. AboRas, and N. Gowtham, “An optimized LSTM-based deep learning model for anomaly network intrusion detection,” Scientific Reports, vol. 15, no. 1, p. 1554, 2025.
A. Hasas, M. S. Zarinkhail, M. Hakimi, and M. M. Quchi, “Strengthening digital security: dynamic attack detection with LSTM, KNN, and random forest,” Journal of Computer Science and Technology Studies, vol. 6, no. 1, pp. 49–57, 2024.

Details

Primary Language

English

Subjects

Artificial Intelligence (Other)

Journal Section

Research Article

Authors

Gloria Odiaga ^*
0009-0007-4748-7804
Kenya

Newton Masinde
0000-0002-2578-4361
Kenya

Castro Yoga
0009-0003-1320-0685
Kenya

Publication Date

December 29, 2025

Submission Date

November 11, 2025

Acceptance Date

December 29, 2025

Published in Issue

Year 1970 Volume: 6 Number: 2

DOI

https://doi.org/10.55195/jscai.1820478

IZ

https://izlik.org/JA56NX42MD

Cite

RIS / Bibtex

APA

Odiaga, G., Masinde, N., & Yoga, C. (2025). Deep Learning for Cyberattack Detection: A Comparative Analysis of Deep Neural Network (DNN), Long Short-Term Memory (LSTM), and Recurrent Neural Network (RNN). Journal of Soft Computing and Artificial Intelligence, 6(2), 39-54. https://doi.org/10.55195/jscai.1820478

AMA

1.Odiaga G, Masinde N, Yoga C. Deep Learning for Cyberattack Detection: A Comparative Analysis of Deep Neural Network (DNN), Long Short-Term Memory (LSTM), and Recurrent Neural Network (RNN). JSCAI. 2025;6(2):39-54. doi:10.55195/jscai.1820478

Chicago

Odiaga, Gloria, Newton Masinde, and Castro Yoga. 2025. “Deep Learning for Cyberattack Detection: A Comparative Analysis of Deep Neural Network (DNN), Long Short-Term Memory (LSTM), and Recurrent Neural Network (RNN)”. Journal of Soft Computing and Artificial Intelligence 6 (2): 39-54. https://doi.org/10.55195/jscai.1820478.

EndNote

Odiaga G, Masinde N, Yoga C (December 1, 2025) Deep Learning for Cyberattack Detection: A Comparative Analysis of Deep Neural Network (DNN), Long Short-Term Memory (LSTM), and Recurrent Neural Network (RNN). Journal of Soft Computing and Artificial Intelligence 6 2 39–54.

IEEE

[1]G. Odiaga, N. Masinde, and C. Yoga, “Deep Learning for Cyberattack Detection: A Comparative Analysis of Deep Neural Network (DNN), Long Short-Term Memory (LSTM), and Recurrent Neural Network (RNN)”, JSCAI, vol. 6, no. 2, pp. 39–54, Dec. 2025, doi: 10.55195/jscai.1820478.

ISNAD

Odiaga, Gloria - Masinde, Newton - Yoga, Castro. “Deep Learning for Cyberattack Detection: A Comparative Analysis of Deep Neural Network (DNN), Long Short-Term Memory (LSTM), and Recurrent Neural Network (RNN)”. Journal of Soft Computing and Artificial Intelligence 6/2 (December 1, 2025): 39-54. https://doi.org/10.55195/jscai.1820478.

JAMA

1.Odiaga G, Masinde N, Yoga C. Deep Learning for Cyberattack Detection: A Comparative Analysis of Deep Neural Network (DNN), Long Short-Term Memory (LSTM), and Recurrent Neural Network (RNN). JSCAI. 2025;6:39–54.

MLA

Odiaga, Gloria, et al. “Deep Learning for Cyberattack Detection: A Comparative Analysis of Deep Neural Network (DNN), Long Short-Term Memory (LSTM), and Recurrent Neural Network (RNN)”. Journal of Soft Computing and Artificial Intelligence, vol. 6, no. 2, Dec. 2025, pp. 39-54, doi:10.55195/jscai.1820478.

Vancouver

1.Gloria Odiaga, Newton Masinde, Castro Yoga. Deep Learning for Cyberattack Detection: A Comparative Analysis of Deep Neural Network (DNN), Long Short-Term Memory (LSTM), and Recurrent Neural Network (RNN). JSCAI. 2025 Dec. 1;6(2):39-54. doi:10.55195/jscai.1820478