AI-Driven Hybrid Defense Mechanisms for Enhancing Cybersecurity in Cyber-Physical Systems Through Packet Sniffing and Cyber Ranges
DOI:
https://doi.org/10.56294/dm20261329
Keywords:
Cyber-Physical Systems, Intrusion Detection, Hybrid CNN–LSTM, Attention Mechanism, Packet Sniffing, Real-Time Detection
Abstract
Introduction: Cyber-Physical Systems (CPS) are the backbone of modern critical infrastructures but remain inherently vulnerable to cyberattacks due to their interconnected nature. This calls for more adaptive and intelligent intrusion detection solutions, as existing approaches often fall short in capturing the spatial-temporal complexity of CPS traffic.
Methods: This work proposes a hybrid deep learning framework that integrates CNN and LSTM networks with an attention mechanism. The system uses real-time packet sniffing for fine-grained traffic analysis and cyber range simulations to evaluate its performance under different attack conditions. A structured preprocessing pipeline, covering normalization, time windowing, and controlled data augmentation, ensures high-quality feature extraction while maintaining spatial and temporal patterns.
Results: The proposed model outperforms standalone CNN and LSTM architectures on a balanced multi-class CPS dataset with 99.08% accuracy and very high precision, recall, and F1-scores across all attack types. The attention mechanism significantly enhances sensitivity by picking up important temporal features and provides better interpretability via packet-level relevance mapping. The model maintains an extremely low false-positive rate, further supporting its suitability for real-world deployment.
Conclusions: These results position the hybrid CNN-LSTM-Attention architecture, combined with packet sniffing, as a robust and adaptive intrusion detection approach for CPS environments. Its strong performance and low error rates underline its potential to mitigate emerging threats. Future work will extend the evaluation to diverse datasets and will benchmark the system against state-of-the-art detection models in order to further validate generalizability.
License
Copyright (c) 2026 Deepa Singh Sisodiya, Ritu Tiwari, Priyank Jain (Author)

This work is licensed under a Creative Commons Attribution 4.0 International License.
The article is distributed under the Creative Commons Attribution 4.0 License. Unless otherwise stated, associated published material is distributed under the same licence.
