Spatial–Temporal Intrusion Detection Framework for Enhanced Network Security in Distributed Systems
摘要
The increasing complexity of cyber-attacks in spatially distributed networks highlights the need for advanced intrusion detection systems (IDS) capable of integrating spatial–temporal data for robust analysis. This study combines intelligent algorithms for large spatial data analysis with three state-of-the-art IDS datasets: CICIDS2017, UNSW-NB15, and TON_IoT. By enriching these datasets with geospatial information derived from IP-based geolocation, the proposed approach identifies and analyzes spatial–temporal patterns of network intrusions. Core methodologies include spatial clustering for attack hotspot detection, spatial–temporal modeling for coordinated attack identification, and a hybrid framework integrating autoencoders with graph-based algorithms for enhanced feature representation. Experimental results across the datasets demonstrate significant improvements in detecting spatially distributed malicious activities and reveal critical insights into attack origins and propagation patterns. This work provides a novel and scalable solution for improving IDS performance in distributed environments, advancing research in cyber security and geospatial data integration.