Journal: Volume 31, No. 1, 2026
Pages: 34 – 43
DOI: https://doi.org/10.62660/bcstu/1.2026.3
202 Views

Method for detecting computer attacks based on adaptability and balancing of training samples

Bogdan Semenyuk, Bogdan Savenko
Received 05.11.2025
Revised 13.02.2026
Accepted 16.03.2026
Published 08.04.2026

Abstract

The relevance of this work is determined by the fact that modern cyber defence systems still face the problem of data imbalance in detecting computer attacks. Uneven class representation reduces the ability of machine learning models to recognise rare but critically important types of intrusions. Existing methods of synthetic sample augmentation often distort the data structure and lead to the loss of characteristic attack signatures, which negatively affects the reliability of classification. The aim of the study was to improve the accuracy and completeness of network attack detection by developing an adaptive method for balancing the training sample while preserving the statistical and signature properties of anomalies. The research methodology involved the creation of a deterministic algorithm that calculated the supplementation coefficients separately for each type of attack, taking into account its frequency and the minimum required sample size. A statistical approach based on local medians and extreme values of neighbouring samples was used to generate new examples, which ensured the reproduction of the typical structure of anomalous patterns without random interpolation. The developed method was integrated into a data processing sequence, within which network traffic parameters were converted into sound signals, and spectrograms were formed on their basis for further analysis by a two-dimensional convolutional neural network. The main results of the study showed an increase in the completeness of detection of rare types of attacks by an average of 10-12% compared to basic approaches, while maintaining a stable level of overall accuracy. Preserving signatures in synthetic samples ensured improved recognition of rare attacks and increased classification reliability. The practical value of the work lies in the possibility of applying the developed method to form balanced samples in intrusion detection systems and its integration with existing deep learning models in order to improve the reliability of corporate network cyber protection

Keywords

data imbalance; signature modelling of anomalies; synthetic sample augmentation; network traffic analysis; convolutional neural networks; acoustic data representation; classification robustness

References

  1. Ahmad, Z., Khan, A.S., Shiang, C.W., Abdullah, J., & Ahmad, F. (2021). Network intrusion detection system: A systematic study of machine learning and deep learning approaches. Emerging Telecommunications Technologies, 32(1), article number e4150. doi: 10.1002/ett.4150.
  2. Alladi, T., Chamola, V., Sikdar, B., & Choo, K.-K.R. (2020). Consumer IoT: Security vulnerability case studies and solutions. IEEE Consumer Electronics Magazine, 9(2), 17-25. doi: 10.1109/MCE.2019.2953740.
  3. Baich, M., & Sael, N. (2025). Enhancing machine learning model prediction with feature selection for botnet intrusion detection. Engineering Proceedings, 112(1), article number 55. doi: 10.3390/engproc2025112055.
  4. Cai, Z., Du, H., Wang, H., Zhang, J., Si, Y., & Li, P. (2023). One-dimensional convolutional Wasserstein generative adversarial network based intrusion detection method for industrial control systems. Electronics, 12(22), article number 4653. doi: 10.3390/electronics12224653.
  5. Dalou’, J., Al-Duwairi, B., & Al-Jarrah, M. (2020). Adaptive entropy-based detection and mitigation of DDoS attacks in SDN networks. International Journal of Computing, 19(3), 399-410. doi: 10.47839/ijc.19.3.1889.
  6. Denysiuk, D., Savenko, O., Lysenko, S., Savenko, B., & Kashtalian, A. (2023). Method for detecting steganographic changes in images using machine learning. In Proceedings of the 13th international conference on dependable systems, services and technologies (DESSERT) (pp. 1-6). Athens: IEEE. doi: 10.1109/DESSERT61349.2023.10416453.
  7. Farooq, M., & Ahmad, F. (2024). Improved intrusion detection in IoT using multi-layered neural architectures. International Journal of Computing, 23(2), 268-273. doi: 10.47839/ijc.23.2.3546.
  8. Hussain, A., Sharif, H., Rehman, F., Kirn, H., Sadiq, A., Khan, M.S., Riaz, A., Ali, C.N., & Chandio, A.H. (2023). A systematic review of intrusion detection systems in Internet of Things using ML and DL. In 2023 4th international conference on computing, mathematics and engineering technologies (iCoMET). Sukkur: IEEE. doi: 10.1109/ iCoMET57998.2023.10099142.
  9. Joloudari, J.H., Marefat, A., Nematollahi, M.A., Oyelere, S.S., & Hussain, S. (2023). Effective class-imbalance learning based on SMOTE and convolutional neural networks. Applied Sciences, 13(6), article number 4006. doi: 10.3390/app13064006.
  10. Joseph, J.E., Aleke, N.T., & Onyeanisi, O.P. (2025). Deep learning based intrusion detection system for network security in IoT system. International Journal of Education, Management, and Technology, 3(1), 119-138. doi: 10.58578/ijemt.v3i1.4539.
  11. Kashtalian, A., Sergii, L., Sachenko, A., Savenko, B., Savenko, O., & Nicheporuk, A. (2025). Evaluation criteria of centralization options in the architecture of multicomputer systems with traps and baits. Radioelectronic and Computer Systems, 2025(1), 264-297. doi: 10.32620/reks.2025.1.18.
  12. Kilincer, I.F., Ertam, F., & Sengur, A. (2021). Machine learning methods for cyber security intrusion detection: Datasets and comparative study. Computer Networks, 188, article number 107840. doi: 10.1016/j. comnet.2021.107840.
  13. Li, G., & Jung, J.J. (2023). Deep learning for anomaly detection in multivariate time series: Approaches, applications, and challenges. Information Fusion, 91, 93-102. doi: 10.1016/j.inffus.2022.10.008.
  14. Maniriho, P., Niyigaba, E., Bizimana, Z., Twiringiyimana, V., Mahoro, L.J., & Ahmad, T. (2020). Anomaly-based intrusion detection approach for IoT networks using machine learning. In 2020 international conference on computer engineering, network, and intelligent multimedia (CENIM) (pp. 303-308). Surabaya: IEEE. doi: 10.1109/ CENIM51130.2020.9297958.
  15. Mari, A.-G., Zinca, D., & Dobrota, V. (2023). Development of a machine-learning intrusion detection system and testing of its performance using a generative adversarial network. Sensors, 23(3), article number 1315. doi: 10.3390/s23031315.
  16. Mijalkovic, J., & Spognardi, A. (2022). Reducing the false negative rate in deep learning based network intrusion detection systems. Algorithms, 15(8), article number 258. doi: 10.3390/a15080258.
  17. Sathaporn, P., Krungseanmuang, W., Chaowalittawin, V., Benjangkaprasert, C., & Purahong, B. (2025). DDoS detection using a hybrid CNN-RNN model enhanced with multi-head attention for cloud infrastructure. Applied Sciences, 15(21), article number 11567. doi: 10.3390/app152111567.
  18. Shahriar, M.H., Haque, N.I., Rahman, M.A., & Alonso, M. (2020). G-IDS: Generative adversarial networks assisted intrusion detection system. In 2020 IEEE 44th annual computers, software, and applications conference (COMPSAC) (pp. 376-385). Madrid: IEEE. doi: 10.1109/compsac48688.2020.0-218.
  19. Sheibani, M., Konur, S., Awan, I., & Qureshi, A. (2024). A multi-layered defence strategy against DDoS attacks in SDN/NFV-based 5G mobile networks. Electronics, 13(8), article number 1515. doi: 10.3390/electronics13081515.
  20. Sheikh, M.S., & Peng, Y. (2022). Procedures, criteria, and machine learning techniques for network traffic classification: A survey. IEEE Access, 10, 64806-64829. doi: 10.1109/access.2022.3181135.

Suggested citation

Semenyuk, B., & Savenko, B. (2026). Method for detecting computer attacks based on adaptability and balancing of training samples. Bulletin of Cherkasy State Technological University, 31(1), 34-43. https://doi.org/10.62660/bcstu/1.2026.3