Karn Arodh Lal, Ghanimi Hayder M A, Iyengar Vijayalakshmi, Siddiqui Mohd Shuaib, Alharbi Meshal Ghalib, Alroobaea Roobaea, Yousef Amr, Sengan Sudhakar
Department of Financial and Actuarial Mathematics, School of Mathematics and Physics, Xian Jiaotong-Liverpool University, Suzhou City, Jiangsu Province, 215123, P.R. China.
Department of Information Technology, College of Science, University of Warith Al- Anbiyaa, Karbala, 56001, Iraq.
Sci Rep. 2025 Aug 19;15(1):30292. doi: 10.1038/s41598-025-15034-4.
The increasing digitization of the Financial Services Sector (FSS) has significantly improved operational efficiency but has also exposed institutions to sophisticated Cyber Threat Intelligence (CTI) such as Advanced Persistent Threats (APT), zero-day exploits, and high-volume Denial-of-Service (DoS) attacks. Traditional Intrusion Detection Systems (IDS), including signature-based and anomaly-based approaches, suffer from high False Positive Rates (FPR) and lack the adaptability required for modern threat landscapes. This study aims to develop and evaluate an Artificial Intelligence-Enhanced Defense-in-Depth (AI-E-DiD) designed to provide real-time, adaptive, and scalable cybersecurity prevention for financial networks. The proposed model integrates a hybrid Generative Adversarial Network and Long Short-Term Memory Autoencoder (GAN-LSTM-AE) for intelligent anomaly detection, an Advanced Encryption Standard in Galois/Counter Mode (AES-GCM) for data integrity and confidentiality, and an AI-Enhanced Intrusion Prevention System (AI-E-IPS) for dynamic threat mitigation. Empirical evaluation using the NSL-KDD and CICIDS-2017 datasets demonstrates high detection accuracy (95.6% for DoS and 94.2% for DDoS), low response times (< 0.25 s), and robust performance under varying user loads, attack types, and data sizes. The NS-3 results show that AI-DiD outperforms conventional IDS and traditional DiD in terms of Detection Rate (DR), Computational Overhead (CO), Network Throughput (NT), and operational scalability. These findings highlight the model's probable for deployment in high-stakes financial environments requiring resilient and intelligent cybersecurity infrastructure.
金融服务部门(FSS)日益数字化,显著提高了运营效率,但也使机构面临复杂的网络威胁情报(CTI),如高级持续性威胁(APT)、零日漏洞利用和大量拒绝服务(DoS)攻击。传统的入侵检测系统(IDS),包括基于签名和基于异常的方法,存在较高的误报率(FPR),并且缺乏现代威胁格局所需的适应性。本研究旨在开发和评估一种人工智能增强的深度防御(AI-E-DiD),旨在为金融网络提供实时、自适应和可扩展的网络安全预防。所提出的模型集成了用于智能异常检测的混合生成对抗网络和长短期记忆自动编码器(GAN-LSTM-AE)、用于数据完整性和机密性的伽罗瓦/计数器模式高级加密标准(AES-GCM)以及用于动态威胁缓解的人工智能增强入侵防御系统(AI-E-IPS)。使用NSL-KDD和CICIDS-2017数据集进行的实证评估表明,该模型具有较高的检测准确率(DoS攻击为95.6%,DDoS攻击为94.2%)、较低的响应时间(<0.25秒),并且在不同的用户负载、攻击类型和数据大小下具有强大的性能。NS-3结果表明,AI-DiD在检测率(DR)、计算开销(CO)、网络吞吐量(NT)和操作可扩展性方面优于传统IDS和传统深度防御。这些发现突出了该模型在需要弹性和智能网络安全基础设施的高风险金融环境中进行部署的可能性。
