The nonlinear observer-based fault diagnosis method for the high altitude airship

Jichen Hu; Ming Zhu; Tian Chen; Jichen Hu; Ming Zhu; Tian Chen

doi:10.3934/era.2025041

Electronic Research Archive

2025, Volume 33, Issue 2: 907-930. doi: 10.3934/era.2025041

Previous Article Next Article

Research article

The nonlinear observer-based fault diagnosis method for the high altitude airship

1.
School of Aeronautic Science and Engineering, Beihang University, Beijing 100191, China
2.
Institute of Unmanned System, Beihang University, Beijing 100191, China

Received: 16 December 2024 Revised: 24 January 2025 Accepted: 11 February 2025 Published: 19 February 2025

We investigated an observer-based fault diagnosis method for the high altitude airship (HAA). The nonlinear kinematics and dynamics model, which considers model uncertainties and external disturbances, were obtained. The nonliear portion of the model was re-expressed to the linear parameter varying frame mathematically with an auxiliary design. Subsequently, in order to realize fault detection, isolation, and reconstruction, diverse types of robust were observers designed, respectively. Furthermore, all these mentioned observers were achieved via the linear matrix inequation framework. The effectiveness of the proposed method was verified by different fault cases in an HAA simulation system.

Keywords:

Citation: Jichen Hu, Ming Zhu, Tian Chen. The nonlinear observer-based fault diagnosis method for the high altitude airship[J]. Electronic Research Archive, 2025, 33(2): 907-930. doi: 10.3934/era.2025041

Related Papers:

[1]	Yijun Chen, Yaning Xie . A kernel-free boundary integral method for reaction-diffusion equations. Electronic Research Archive, 2025, 33(2): 556-581. doi: 10.3934/era.2025026
[2]	Jin Li, Yongling Cheng . Barycentric rational interpolation method for solving time-dependent fractional convection-diffusion equation. Electronic Research Archive, 2023, 31(7): 4034-4056. doi: 10.3934/era.2023205
[3]	Nelson Vieira, M. Manuela Rodrigues, Milton Ferreira . Time-fractional telegraph equation of distributed order in higher dimensions with Hilfer fractional derivatives. Electronic Research Archive, 2022, 30(10): 3595-3631. doi: 10.3934/era.2022184
[4]	Cheng Wang . Convergence analysis of Fourier pseudo-spectral schemes for three-dimensional incompressible Navier-Stokes equations. Electronic Research Archive, 2021, 29(5): 2915-2944. doi: 10.3934/era.2021019
[5]	Weijie Ding, Xiaochen Mao, Lei Qiao, Mingjie Guan, Minqiang Shao . Delay-induced instability and oscillations in a multiplex neural system with Fitzhugh-Nagumo networks. Electronic Research Archive, 2022, 30(3): 1075-1086. doi: 10.3934/era.2022057
[6]	Junseok Kim, Soobin Kwak, Hyun Geun Lee, Youngjin Hwang, Seokjun Ham . A maximum principle of the Fourier spectral method for diffusion equations. Electronic Research Archive, 2023, 31(9): 5396-5405. doi: 10.3934/era.2023273
[7]	Mufit San, Seyma Ramazan . A study for a higher order Riemann-Liouville fractional differential equation with weakly singularity. Electronic Research Archive, 2024, 32(5): 3092-3112. doi: 10.3934/era.2024141
[8]	Peng Gao, Pengyu Chen . Blowup and MLUH stability of time-space fractional reaction-diffusion equations. Electronic Research Archive, 2022, 30(9): 3351-3361. doi: 10.3934/era.2022170
[9]	Jun Liu, Yue Liu, Xiaoge Yu, Xiao Ye . An efficient numerical method based on QSC for multi-term variable-order time fractional mobile-immobile diffusion equation with Neumann boundary condition. Electronic Research Archive, 2025, 33(2): 642-666. doi: 10.3934/era.2025030
[10]	Yining Yang, Yang Liu, Cao Wen, Hong Li, Jinfeng Wang . Efficient time second-order SCQ formula combined with a mixed element method for a nonlinear time fractional wave model. Electronic Research Archive, 2022, 30(2): 440-458. doi: 10.3934/era.2022023

Abstract

1. Introduction

The continuous development and wide-ranging utilization of the internet benefits several network users from several points of view ^[1]. In the meantime, security is highly significant with the vast exploitation of the network. Network security has undoubtedly been connected with programs, different information, networks, computers, and more, where the need for defense is to avoid adaptation and unauthorized access ^[2]. However, the increasing number of systems connected to the internet in e-Commerce, military and finance make them targets of network attacks, contributing to a lot of damage and risks ^[3]. Providing efficient approaches for identifying and protecting from attacks and maintaining network security is essential. Additionally, various categories of attacks have been frequently needed and processed in numerous ways ^[4]. Recognizing various types of network attack is the main problem that needs to be solved in network security, particularly those that have not been noticed. Researchers have recently employed different types of machine learning (ML) techniques for classifying network attacks without previous knowledge of their comprehensive features ^[5].

Internet of things (IoT) networks have continuously exposed and modified the topology by connecting nodes and exiting the network in real time ^[6]. The lack of centralized network control tools makes them susceptible to security attacks. IoT devices can have superior features, including limited data storage, connection bandwidth, smaller memory size, and restricted power supply ^[7]. These limitations considerably affect the efficiency of security protocols for IoT platforms concerning development and effectiveness. Consequently, a competent intrusion detection system (IDS) for IoT networks will probably emerge due to the lack of the computational power needed ^[8]. Cyberattacks are highly difficult to recognize, as hackers utilize cutting-edge methods to take sensitive data while avoiding identification by IDS. The interaction between internetworks has also been subject to cyber-security vulnerabilities. Consequently, a novel technique can be essential for attack prevention activities and earlier intrusion detection ^[9].

Machine learning and deep learning (DL) approaches are currently used for intrusion detection, network abnormality detection, and avoidance. The DL technique should be utilized to increase the accuracy and proficiency of IDS in IoT devices ^[10]. Since hyperparameter tuning of the DL model remains a challenging process, metaheuristic algorithms can be used, which in turn improves the overall detection performance. Some of the recently developed metaheuristics are Liver cancer algorithm (LCA) ^[11], slime mould algorithm (SMA) ^[12,13], moth search algorithm (MSA) ^[14], hunger games search (HGS) ^[15], Runge Kutta method (RUN) ^[16], colony predation algorithm (CPA) ^[17], weighted mean of vectors (INFO) ^[18], Harris Hawks optimization (HHO) ^[19], Rime optimization algorithm (RIME) ^[20,21], etc.

This article presents a weighted Salp swarm algorithm with a DL-powered cyber threat detection and classification (WSSADL-CTDC) technique for robust network security, utilizing a min-max normalization approach to scale data into even formats. In addition, it applies a shuffled frog leap algorithm (SFLA) to elect an optimum subset of features. The WSSADL-CTDC technique applies a hybrid convolutional autoencoder (CAE) model to identify and classify cyber threats. A WSSA-based hyperparameter tuning process can be employed to enhance the detection performance of the CAE model. The experimental analysis can be examined on a benchmark dataset.

● Uses SFLA to choose an optimum feature subset from the network security dataset. This process is crucial to mitigate the input data's dimensionality, enhance the technique's effectualness, and concentrate on the most appropriate features for recognizing cyber threats.

● Proposes a novel fusion CAE technique to detect and classify cyber threats within network traffic data. This method incorporates the robustness of convolutional neural networks (CNNs) and autoencoders (AEs), allowing for productive feature extraction and anomaly recognition in network data.

● The WSSADL-CTDC model augments the accomplishment of the CAE technique by implementing a WSSA-based hyperparameter tuning procedure.

The remaining sections of the article are arranged as follows: Section 2 offers the literature review, and Section 3 represents the proposed method. Then, Section 4 elaborates on the evaluation of the results, and Section 5 completes the work.

2. Related works

In ^[22], an ensemble DL algorithm was developed that implements the gains of the long short-term memory (LSTM) and AE technique. The LSTM was implemented to create an architecture on a standard time series of data. Khan et al. ^[23] projected an AE-based identification model using recurrent and convolutional networks. A two-phase sliding window (SW) was employed. Malicious activities in the raw time series were converted to fixed-length series using a first-phase SW. All series were transformed into constant time-dependent sub-series through additional small SW. In classification, fully connected networks employ the removed temporal-spatial features. Bibi et al. ^[24] developed a well-organized, self-learning, autonomous multi-vector attack intelligence and identification method. An innovative convolutional LSTM2D technique powered by the computational integrated device model (ConvLSTM2D) is developed. Das et al. ^[25] introduced a novel transient search optimization (TSO) method enabled by the optimum stacked sparse AE (OSSAE) method. This technique followed the TSA-based feature selection method. Furthermore, the Transient search optimization-optimum stacked sparse AE (TSA-OSSAE) method implements the SSAE method. Lastly, the hyperparameters of the SSAE technique were selected using a multi-versus optimizer (MVO) approach.

In ^[26], the authors presented a graph pattern based on a technique equivalent to a deep hunter graph neural network (GNN) model. A GNN model was developed mainly with two new networks: feature embedding networks integrated with the indicators of compromise (IOC) data and graph embedding networks that took connections among IOCs. Ndife et al. ^[27] developed a Bayesian neural networks (BNNs) model called SGtechNet. Spatio-temporal feature engineering and uncertainty evaluation in Bayesian modeling are exploited. In ^[28], a two-stage IDS was developed. Initially, an adversarial training method was introduced employing the generative adversarial networks (GAN) method. In addition, a DL method was presented for the secondary detector to recognize intrusions. In ^[29], an IDS depended on DL, and a DL method for IDS was developed, employing the efficient recurrent neural networks (ERNN) method. Additionally, the effectiveness of the system in binary and multi-class classifications, as well as the count of neurons and diverse learning rate, has implications under the efficiency of the developed method. This technique relates the method to recurrent neural networks (RNN) and support vector machine (SVM) models.

Zhou et al. ^[30] proposed a model to build a continuous leakage-resilient identity-based encryption (IBE) model with tight security. In ^[31], a bioinspired motion-sensitive technique is presented, which comprises spatial and temporal perception of motion cues, employing simple visual signal processing. Li et al. ^[32] presented a model employing the multi-scale radial basis function (MRBF) and Fisher vector (FV) encoding. The high-resolution time-frequency approach gray level co-ocurrence matrix (GLCM) texture descriptors and FV extraction are also utilized. Chen et al. ^[33] introduced a Lung-Dense attention network (LDANet) method. The residual spatial attention (RSA) method is employed to weigh spatial data, and the weight of every channel is calibrated utilizing the gated channel attention (GCA) technique. A dual attention guidance module (DAGM) technique is constructed for maximization. A lightweight dense block (LDB) technique is also utilized. In ^[34], a deep neural network (DNN) model is proposed, which excels in a localized and sparse approximation. Savanovi et al. ^[35] proposed an optimized ML model employing an altered firefly model. In ^[36], a novel feature selection (FS) model is introduced, which improves the gorilla troops optimizer (GTO) by incorporating the bird swarm modeling (BSA) technique. Jovanovic et al. ^[37] proposed an improved firefly model to tune the extreme gradient boosting (XGBoost) technique.

3. Proposed method

His article introduces an innovative method for robust network security WSSADL-CTDC. The technique aims to detect the presence of cyber threats and accomplish network security using metaheuristics with DL models. Figure 1 demonstrates the entire procedure of this approach.

Figure 1. Overall process of the WSSADL-CTDC technique.

DownLoad: Full-Size Img PowerPoint

3.1. Min-max normalization

Primarily, the technique WSSADL-CTDC employs a min-max normalization approach to normalize data ^[38]. In this study, the input data is standardized from the ranges $0$ and $+1$ utilizing the specified Eq (3.1),

$\begin{equation} X_n = \frac{X_i - X_{min}}{X_{max} - X_{min}}. \end{equation}$

(3.1)

Here, $X_i$ is the observed input value, $X_{min}$ and $X_{max}$ refer to the maximum and minimum values of the descriptive variables, and $X_n$ represents the normalized input values at intervals of $[-1, +1]$ .

3.2. Feature selection

At this stage, the WSSADL-CTDC technique applies SFLA to elect an optimum feature subclass. SFLA has a new population-based metaheuristic approach ^[39] that Integrates the social behaviors of the particle swarm optimization (PSO) technique and the benefits of the memetic algorithm ^[40]. In this approach, a population can be a group of frogs that find optimum food by employing search strategies relevant to the PSO technique. The search process is performed by alternating frogs' intra- and inter-cluster transmission to find food. Intra-cluster transmission is performed within the memeplex for local invention, and inter-cluster transmission is performed among the frogs belonging to the dissimilar memeplexes for global exploration. In classical SFLA, consider that the early population was randomly generated with a $P$ number of frogs. Evaluate fitness values for every individual frog. Subsequently, arrange $P$ in descending sequence of the fitness values. The frogs are then distributed into an $M$ count of memeplexes, and every memeplex has $N$ frogs. Here, the frog distribution can be performed thus: The initial frog moves to the initial memeplex, the next frog moves to the initial memeplex, frog $M$ goes to the $M^{th}$ memeplex and frog $M+1$ goes to the initial memeplex, up to the last frog. In every memeplex, $X_b$ and $X_w$ are the best and worst frogs based on fitness. $X_g$ represents the frog with global fitness $X$ . The position of the worst frog has been updated according to the random position or position of the global or local best frog so that the frog can move to the optimum solution. This can be mathematically modeled as the set of Eqs (3.2) and (3.3).

$\begin{equation} X_w(new) = X_w + Stp, \end{equation}$

(3.2)

$\begin{equation} Stp = rand(X) \times (X_b - X_w) - {Stp}_{max} \leq Stp. \end{equation}$

(3.3)

In Eq (3.3), $Stp$ denotes the size of the leaping step of the frog with $[-1, 1]$ . $rand()$ represents the random integer. If $X_w(new)$ generates the best solution, it replaces $X_w$ . Otherwise, the computations in Eqs (3.2) and (3.3) are reiterated by replacing $X_b$ with $X_g$ . The new random solution can be replaced with $X_w$ if there is no improvement. Thus, each memeplex is shuffled together to exchange data and generate a new population for the following search ranges.

In this SFLA method, the objectives could be incorporated into a single objective equation, such as a preset weight that recognizes the significance of all the objectives ^[41]. In this study, an fitness function (FF) is implemented to integrate these FS objectives, as represented in Eq (3.4),

$\begin{equation} Fitness(X) = \alpha \cdot E(X) + \beta * \Biggl( 1 - \frac{|R|}{|N|} \Biggl). \end{equation}$

(3.4)

Here, $Fitness(X)$ denotes the fitness value of $X$ , $|R|$ and $|N|$ which have the number of particular features $\alpha$ , and $\beta$ describes the weights of the classification error. $E(X)$ signifies the classification error rate employing the preferred features in the $X$ subset, as well as the number of new features in the dataset and the reduction ratio $\alpha \in [0, 1]$ and $\beta = (1 - \alpha)$ .

3.3. Classification using CAE model

The WSSADL-CTDC technique applies a hybrid CAE model for the detection and classification of cyber threats. AE is a self-directed learning procedure that utilizes a neural network (NN) for representation learning ^[42]. It has a method for a model to learn how to encrypt input data. AEs have been used to map input data to low‐dimension spaces or representations of reduced areas. To fix this, a bottleneck is presented that implements a method to learn the condensed area of the input data. Figure 2 illustrates the CAE infrastructure.

Figure 2. Structure of CAE.

DownLoad: Full-Size Img PowerPoint

An AE includes four modules: bottleneck layer (BL), encoder network (EN), reconstruction loss (RL), and decoder network (DN). EN is an NN that encrypts input data in a condensed area. The BL is the latter layer; the output is called encoded input data. $N$ layers in an EN in which the latter layer (i.e., $N^{th}$ layer) is BL. The arithmetical calculation used to signify the functioning of every layer existing in the EN can be revealed in Eq (3.5),

$\begin{equation} X_{e_{i}+1} = f_{e_i} \Bigl(W V_{e_i}^T X_{e_i} + b_{e_i}\Bigl), \quad \forall i = 0, 1, 2, \ldots, N, \end{equation}$

(3.5)

where $X_{e_i}$ denotes the input for the EN layer $i^{th}$ , $f_{e_i}$ denotes the activation function for the layer $i^{th}$ , $b_{e_i}$ is the bias for the layer $i^{th}$ , $WV_{e_i}$ signifies the weight vector for the $i^{th}$ layer, and $X_{e_i+1}$ refers to the output of the layer $i^{th}$ . DN is also known as an NN that consumes the output of the BL as input and attempts to renovate the original data. The number of layers in DN is similar to the number in the EN, in the opposite order. The last layer of the DN offers a loud regeneration of input data. The scientific expression used to signify the functioning of every layer existing in the DN is presented in Eq (3.6),

$\begin{equation} X_{d_{i}+1} = f_{d_i} \Bigl(W_{d_i}^T X_{d_i} + b_{d_j}\Bigl), \quad \forall i = 0, 1, 2, \ldots, N, \end{equation}$

(3.6)

where $X_{d_i}$ denotes the input for the DN layer $i^{th}$ , $X$ refers to the output of the layer $i^{th}$ , $f_{d_i}$ refers to the activation function for the $i^{th}$ layer, $b_{d_i}$ represents the bias for the $i^{th}$ layer, and $WV_{d_i}$ signifies the weight vector for the layer $i^{th}$ . The dissimilarity between the original data $X^O$ and the renovated data $X^R$ is termed RL. The AE is trained by employing the backpropagation algorithm to reduce the RL.

Mean squared error (MSE) and binary cross‐entropy (BCE) losses are dual, highly employed loss functions to calculate RL. These dual loss function formulas have been exposed in Eqs (3.7) and (3.8), while $D$ denotes the number of samples in a dataset used by the AE,

$\begin{equation} MSE\Bigl(X^0, X^R\Bigl) = \frac{1}{D} \sum\limits_{j = 1}^{D} {\Bigl(X_{j}^{0} - X_{j}^{R}\Bigl)}^2, \end{equation}$

(3.7)

$\begin{equation} BCE\Bigl(X^0, X^R\Bigl) = -\frac{1}{D} \sum\limits_{j = 1}^{D} X_{j}^{0} \cdot \log X_{j}^{0} + \Bigl( 1 - X_{j}^{0} \Bigl) \cdot \log \Bigl( 1 - X_{j}^{R} \Bigl). \end{equation}$

(3.8)

3.4. WSSA-based hyperparameter tuning

Eventually, the WSSA-based hyperparameter tuning process can be employed. SSA is a recent metaheuristic optimization technique introduced by Mirjalili et al. ^[43]. SSA must be stimulated by the navigation and swarming behaviors of salps in the oceans for food. The individual salp belongs to the Salpidae family and has a bottle-shaped body. Salps form chains, similar to flocks or swarms, in the deep ocean for foraging and navigation. The leader and followers are two levels of the salp chain. During navigation, the leaders are guided by the swarm (followers) in a multidimensional search range, resulting in the optimum solution (food source) for the optimizer problems. SSA begins with a random solution and later reinvents the search for optimum fitness of salps by exploiting and exploring the search range. The salp moves in the N‐dimension search range and updates the leader location according to the distance between a food source and the salp as Eq (3.9),

$\begin{equation} x_i^1 = \begin{cases} F_i + r_1\Bigl((ub_i - lb_i) \ast r_2 + lb_i \Bigl), & r_3 \geq 0, \\ F_i + r_1\Bigl((ub_i - lb_i) \ast r_2 + lb_i \Bigl), & r_3 < 0. \end{cases} \end{equation}$

(3.9)

● $X_i^1$ - denotes the leader's location in the $i^{th}$ location.

● $ub_i, lb_i$ - shows the upper and lower bounds of $i^{th}$ location.

● $F_i$ - represents the food source location in $i^{th}$ location.

● $r_1$ parameter - balances the exploration and exploitation in searching space.

● $r_1, r_2, r_3$ - refer to random numbers (see Eq (3.10)), where $L$ refers to the maximal iteration count, and $l$ denotes the existing iteration,

$\begin{equation} r_1 = 2 e^{\bigl(\frac{4l}{L}\bigl)^2}. \end{equation}$

(3.10)

Newton's law of motion updates the follower's location in Eq (3.11),

$\begin{equation} x_i^j = \frac{1}{2} at^2 + V_0 t, \end{equation}$

(3.11)

● $v_0$ represents the initial speed;

● $x_i^j$ denotes the location of the $j^{th}$ follower at the $i^{th}$ dimension;

● $t$ is the iteration;

$\begin{equation} x_i^j = \frac{1}{2} \Bigl(x_i^j + x_i^{j-1} \Bigl). \end{equation}$

(3.12)

In SSA, salp forms chains for the foraging process. Salp navigates through the jet propulsion process. Based on the available information from the neighborhood, the leader updates the location with food sources. In a typical SSA approach, the follower salp updates the area according to Newton's law of motion. The model's ability to find solutions for the global search process is compromised due to its lost inertia parameter. Inertia controls the speed and direction of the object. However, such an approach only works well for multimodal and unimodal issues of smaller dimensions. However, this provides poor outcomes for high-dimension difficulties, representing poor convergence. Thus, the location update formula should be modified in all iterations to achieve the optimum solution.

Here, a WSSA has been introduced according to weighted distance location updating to enhance the efficiency of traditional SSA. This model boosts the variety of the original SSA. The weighted location updating parameter was developed based on the findings of Shi and Eberhart (1998). The author initially established the idea of inertia weight and stated that it provides the best control through exploitation and exploration processes. The position updating approach can be adapted as a weighted sum of optimum positions rather than implementing averages to improve the search capability of a typical SSA. This approach can be obtained by evaluating the weight according to the coefficient vectors $C_1, C_2,$ and $C_3$ . Location updating is modeled as the set of Eqs (3.13) to (3.16),

$\begin{equation} w_1 = \overrightarrow{C_1} * \overrightarrow{C_2}, \end{equation}$

(3.13)

$\begin{equation} r_2 = \overrightarrow{C_1} * \overrightarrow{C_3}, \end{equation}$

(3.14)

$\begin{equation} x_i^1 = \begin{cases} w_1 * F_i + r_1\Bigl((ub_i - lb_i) \ast r_2 + lb_i \Bigl), & r_3 \geq 0, \\ w_2 * F_i + r_1\Bigl((ub_i - lb_i) \ast r_2 + lb_i \Bigl), & r_3 < 0, \end{cases} \end{equation}$

(3.15)

$\begin{equation} x_i^j = \frac{1}{2(w_1 + w_2)} \Bigl( w_2 * x_i^j + w_1 * x_i^{j-1} \Bigl). \end{equation}$

(3.16)

This weighted location-update approach balances searching agents' exploitation and exploration capabilities. Furthermore, it improves the convergence rate and leads to better SSA performance.

The WSSA algorithm has obtained an FF to achieve increased classification effectiveness. It evaluates a positive integer to denote the higher efficiency of the candidate solutions. The decrease in the classifier error rate can be measured as FF, as shown in Eq (3.17),

$\begin{equation} fitness(x_i) = Classifier \ Error \ Rate = 100*\frac{Number \ of \ Misclassified \ Instances}{Total \ Number \ of \ Instances}. \end{equation}$

(3.17)

4. Performance validation

The performance analysis of the WSSADL-CTDC system can be examined using the network-based detection of IoT botnet attacks (N-BaIoT) dataset ^[44]. It includes 11 classes with 1000 samples for each class, as defined in Table 1. The suggested technique is simulated using the Python 3.6.5 tool on PC i5-8600k, 250GB SSD, GeForce 1050Ti 4GB, 16GB RAM, and 1TB HDD. The parameter settings are provided: learning rate: 0.01, activation: ReLU, epoch count: 50, dropout: 0.5, and batch size: 5.

Table 1. N-BaIoT dataset.

Class	No. of Instances
Mirai udppalain	1000
Mirai udppalain	1000
Mirai syn	1000
Mirai scan	1000
Mirai ack	1000
Gafgyt udp	1000
Gafgyt tcp	1000
Gafgyt scan	1000
Gafgyt junk	1000
Gafgyt combo	1000
Benign	1000
Total instances	11000

| Show Table

DownLoad: CSV

Figure 3 shows the confusion matrices acquired by the WSSADL-CTDC system with 80:20 and 70:30 of true positive rate per hour / true negative rate per hour (TRPH/TSPH) under the N-BaIoT dataset. The completed findings show effective recognition with 11 classes.

Figure 3. N-BaIoT dataset (a):(b) 80:20 TRPH/TSPH, and (c):(d) 70:30 TRPH/TSPH.

DownLoad: Full-Size Img PowerPoint

The results of cyber threat detection of the WSSADL-CTDC technique in the N-BaIoT dataset are shown in and . The results obtained show that the WSSADL-CTDC system achieves effective findings in each class. According to 80% of TRPH, the WSSADL-CTDC method obtains an average $Acc$ of 98.86%, $Prec$ of 93.76%, $Recall$ of 93.73%, $F-Score$ of 93.74%, and Matthews correlation coefficient ( $MCC$ ) of 93.12%. In addition, on 20% of TSPH, the WSSADL-CTDC algorithm gains an average $Acc$ of 99.13%, $Prec$ of 95.23%, $Recall$ of 95.25%, $F-Score$ of 95.23%, and $MCC$ of 94.76%, respectively.

Table 2. Cyber threat detection outcomes of the WSSADL-CTDC model under the N-BaIoT.

Classes	Acc	Prec	Recall	F-Score	MCC
TRPH (80%)
Mirai udppalain	98.86	94.78	92.66	93.71	93.09
Mirai udp	98.85	93.00	94.51	93.75	93.12
Mirai syn	98.61	92.30	92.53	92.41	91.65
Mirai scan	98.77	93.04	93.27	93.16	92.48
Mirai ack	98.86	93.43	94.13	93.78	93.16
Gafgyt udp	98.85	93.27	94.09	93.68	93.05
Gafgyt tcp	98.88	93.70	94.05	93.88	93.26
Gafgyt scan	98.92	94.23	94.12	94.18	93.58
Gafgyt junk	98.93	92.70	95.92	94.28	93.71
Gafgyt combo	99.00	95.01	93.81	94.41	93.86
Benign	98.93	95.88	91.97	93.89	93.33
Average	98.86	93.76	93.73	93.74	93.12
TSPH (20%)
Mirai udppalain	99.23	96.86	94.39	95.61	95.19
Mirai udp	98.82	92.61	94.47	93.53	92.89
Mirai syn	99.14	95.88	94.42	95.14	94.67
Mirai scan	99.41	98.07	95.75	96.90	96.58
Mirai ack	99.09	94.53	95.48	95.00	94.50
Gafgyt udp	99.05	94.23	95.61	94.92	94.39
Gafgyt tcp	99.00	93.85	94.82	94.33	93.78
Gafgyt scan	99.18	94.62	95.65	95.14	94.69
Gafgyt junk	99.50	95.94	98.44	97.17	96.91
Gafgyt combo	98.91	93.40	95.19	94.29	93.69
Benign	99.14	97.57	93.49	95.49	95.04
Average	99.13	95.23	95.25	95.23	94.76

| Show Table

DownLoad: CSV

Figure 4. Average outcome of the WSSADL-CTDC system under N-BaIoT dataset.

DownLoad: Full-Size Img PowerPoint

The cyber threat detection analysis of the WSSADL-CTDC technique in the N-BaIoT dataset can be seen in and . The results obtained show that the WSSADL-CTDC system obtains adequate results in all classes. According to 70% of TRPH, the WSSADL-CTDC algorithm receives an average $Acc$ of 98. 22%, $Prec$ of 90. 22%, $Recall$ of 90. 21%, $F-Score$ of 90. 20%, and $MCC$ of 89.23%. Furthermore, based on 30% of TSPH, the WSSADL-CTDC method acquires an average $Acc$ of 98. 07%, $Prec$ of 89. 39%, $Recall$ of 89. 44%, $F-Score$ of 89. 39%, and $MCC$ of 88. 34%, respectively.

Table 3. Cyber threat detection analysis of WSSADL-CTDC algorithm with N-BaIoT dataset.

Classes	Acc	Prec	Recall	F-Score	MCC
TRPH (70%)
Mirai udppalain	98.32	88.59	92.91	90.70	89.81
Mirai udp	97.77	88.27	87.27	87.77	86.54
Mirai syn	98.48	92.79	90.27	91.52	90.69
Mirai scan	98.36	91.94	89.53	90.72	89.83
Mirai ack	98.22	91.01	89.61	90.30	89.33
Gafgyt udp	98.49	92.10	91.58	91.84	91.01
Gafgyt tcp	98.48	91.60	92.23	91.91	91.08
Gafgyt scan	97.68	88.77	85.37	87.04	85.78
Gafgyt junk	98.14	89.34	89.74	89.54	88.52
Gafgyt combo	98.38	89.99	92.66	91.30	90.42
Benign	98.09	87.96	91.15	89.52	88.49
Average	98.22	90.22	90.21	90.20	89.23
TSPH (30%)
Mirai udppalain	98.12	91.43	89.16	90.28	89.25
Mirai udp	98.21	88.49	91.81	90.12	89.15
Mirai syn	98.61	92.08	92.69	92.38	91.62
Mirai scan	98.12	91.12	88.78	89.94	88.91
Mirai ack	98.18	90.43	88.54	89.47	88.48
Gafgyt udp	97.94	87.89	88.50	88.19	87.07
Gafgyt tcp	98.39	87.67	94.27	90.85	90.04
Gafgyt scan	97.67	89.25	84.12	86.61	85.38
Gafgyt junk	97.55	88.10	86.16	87.12	85.77
Gafgyt combo	97.97	86.64	91.10	88.81	87.73
Benign	98.03	90.20	88.75	89.47	88.38
Average	98.07	89.39	89.44	89.39	88.34

| Show Table

DownLoad: CSV

Figure 5. Average outcome of WSSADL-CTDC algorithm with N-BaIoT dataset.

DownLoad: Full-Size Img PowerPoint

The $Acc$ curves for training (TR) and validation (VL) are illustrated in for the WSSADL-CTDC methodology with the N-BaIoT dataset providing valuable insight into its performance on various epochs. Specifically, it shows constant improvement at both TR and testing (TS) $Acc$ with improving epochs, demonstrating the model's proficiency in learning and recognizing patterns in both TR and TS data. The upward trend in TS $Acc$ emphasizes the model adaptability to the TR dataset and its ability to generate correct predictions on unnoticed data, underscoring the robust generalization capabilities.

Figure 6.

$Acc$ curve of WSSADL-CTDC system under N-BaIoT dataset.

DownLoad: Full-Size Img PowerPoint

Figure 7 displays a wide-ranging overview of the TR and TS loss values for the WSSADL-CTDC algorithm with the N-BaIoT dataset at different epochs. The TR loss is reliably minimized as the model refines its weights to decrease classification errors in both datasets. The loss curves exemplify the alignment of the model with TR data, highlighting its ability to capture patterns efficiently. Consider the continuous improvement of parameters in the WSSADL-CTDC technique, which aims to diminish the discrepancies between predictions and actual TR labels.

Figure 7. Loss curve of WSSADL-CTDC model with N-BaIoT database.

DownLoad: Full-Size Img PowerPoint

Regarding the precision-recall (PR) curve in Figure 8, the findings confirm that the WSSADL-CTDC system in the N-BaIoT dataset consistently achieves increased PR values in every class. These findings emphasize the model's better capacity to discriminate among diverse classes, underscoring its efficiency in accurately recognizing class labels.

Figure 8. PR curve of WSSADL-CTDC model at N-BaIoT dataset.

DownLoad: Full-Size Img PowerPoint

Furthermore, in Figure 9, receiver operating characteristic (ROC) curves produced by the WSSADL-CTDC technique are denoted under the N-BaIoT dataset, representing its proficiency in differentiating between classes. These curves offer valuable insights into how the trade-off between false positive rate (FPR) and true positive rate (TPR) differs through diverse classification epochs and thresholds. The results underscore the accuracy of the model's classification on numerous class labels, emphasizing its efficacy in covering diverse classification challenges.

Figure 9. ROC curve of WSSADL-CTDC model with N-BaIoT dataset.

DownLoad: Full-Size Img PowerPoint

The detailed comparative statement of the WSSADL-CTDC technique with existing ones under the N-BaIoT dataset is given in Table 4 and ^[42]. These outcomes infer that the WSSADL-CTDC system performs better than other systems. It is noted that the deep belief network (DBN), LSTM, bat algorithm (BA)-NN, and PSO-NN models perform poorly, whereas the lightweight gradient-based algorithm (LGBA)-NN and multi-factor optimization random error linear model (MFO-RELM) models achieve reasonable results. However, the WSSADL-CTDC technique performs better with a maximum $Acc$ of 99.13%, $Prec$ of 95.23%, $Recall$ of 95.25%, and $F-Score$ of 95.23%.

Table 4. Comparison analysis of the WSSADL-CTDC model with other algorithms under N-BaIoT dataset.

Methods	Acc	Prec	Recall	F-Score
DBN Algorithm	89.47	89.48	90.03	89.40
LSTM Model	89.88	89.63	89.92	89.61
BA-NN Model	91.20	84.53	88.02	84.68
PSO-NN Model	90.30	83.94	88.81	84.31
LGBA-NN Model	96.35	87.34	92.42	89.18
MFO-RELM	98.91	94.93	93.95	93.94
WSSADL-CTDC	99.13	95.23	95.25	95.23

| Show Table

DownLoad: CSV

Figure 10. Comparison analysis of the WSSADL-CTDC model under the N-BaIoT dataset.

DownLoad: Full-Size Img PowerPoint

The computation time (CT) analysis of the WSSADL-CTDC methodology can be compared with other systems, as described in Table 5 and Figure 11. The findings show that the WSSADL-CTDC technique obtains a CT decrease of 0.46 s. Alternatively, the DBN, LSTM, BA-NN, PSO-NN, LGBA-NN, and MFO-RELM algorithms gain improved CT expressed in seconds units 4.67, 3.65, 2.64, 2.89, 2.71, and 1.94, respectively. Consequently, the WSSADL-CTDC method has been employed for superior performance over other compared algorithms.

Table 5. Computation time analysis of the WSSADL-CTDC model with other systems.

Methods	Computational Time (sec)
DBN Algorithm	4.67
LSTM Model	3.65
BA-NN Model	2.64
PSO-NN Model	2.89
LGBA-NN Model	2.71
MFO-RELM	1.94
WSSADL-CTDC	0.46

| Show Table

DownLoad: CSV

Figure 11. Computation time of the WSSADL-CTDC model with other systems.

DownLoad: Full-Size Img PowerPoint

These results state that the WSSADL-CTDC technique improves the network security performance.

5. Conclusions

This article introduces an innovative WSSADL-CTDC method for robust network security. The WSSADL-CTDC technique aims to detect the presence of cyber threats and accomplish network security using metaheuristics with DL models. To achieve this, the WSSADL-CTDC technique implements a min-max normalization approach to scale the data into a uniform format. In addition, the WSSADL-CTDC technique applies SFLA to elect an optimal subset of features. The WSSADL-CTDC technique applies a hybrid CAE model for cyber threat detection and classification. A WSSA-based hyperparameter tuning method can be employed to enhance the detection performance of the CAE model. The simulation result of the WSSADL-CTDC technique can be evaluated under the benchmark dataset. The extensive analysis of the results found that the WSSADL-CTDC technique performed better than comparable methods on different measures. The WSSADL-CTDC technique may encounter scalability threats with more extensive datasets and benefit from real-time utilization optimizations in dynamic network environments. Future studies may focus on improving scalability and enabling real-time deployment.

Author contributions

Maha M. Althobaiti: Conceptualization, validation, formal analysis, investigation, resources, software, writing–original draft, writing–review & editing; José Escorcia-Gutierrez: Methodology, validation, formal analysis, investigation, visualization, writing–original draft, writing–review & editing. All authors have read and approved the final version of the manuscript for publication.

Use of AI tools declaration

During the revision of this work, the authors used the writefull language check embedded in Overleaf to improve English grammar, proofread and rephrase certain sentences in order to minimize the iThenticate similarity index. Following the use of these tools and services, the authors reviewed and edited the content as necessary, assuming full responsibility for the content of the publication.

Acknowledgments

The authors would like to acknowledge the Deanship of Graduate Studies and Scientific Research, Taif University for funding this work.

Conflict of interest

The authors declare that they have no conflict of interest. The manuscript was written with the contributions of all authors. All authors have approved the final version of the manuscript.

References

[1]	Z. Zuo, J. Song, Z. Zheng, Q. Han, A survey on modelling, control and challenges of stratospheric airships, Control Eng. Pract., 119 (2022), 104979. https://doi.org/10.1016/j.conengprac.2021.104979 doi: 10.1016/j.conengprac.2021.104979
[2]	T. Chen, M. Zhu, Z. Zheng, Asymmetric error-constrained path-following control of a stratospheric airship with disturbances and actuator saturation, Mech. Syst. Signal Process., 119 (2019), 501–522. https://doi.org/10.1016/j.ymssp.2018.10.003 doi: 10.1016/j.ymssp.2018.10.003
[3]	J. Yuan, M. Zhu, X. Guo, W. Lou, Finite-time trajectory tracking control for a stratospheric airship with full-state constraint and disturbances, J. Franklin Inst., 358 (2021), 1499–1528. https://doi.org/10.1016/j.jfranklin.2020.12.010 doi: 10.1016/j.jfranklin.2020.12.010
[4]	J. Yuan, X. Guo, Z. Zheng, M. Zhu, H. Gou, Error-constrained fixed-time trajectory tracking control for a stratospheric airship with disturbances, Aerosp. Sci. Technol., 118 (2021), 107055. https://doi.org/10.1016/j.ast.2021.107055 doi: 10.1016/j.ast.2021.107055
[5]	S. Liang, S. Zhang, Y. Huang, X. Zheng, J. Cheng, S. Wu, Data-driven fault diagnosis of FW-UAVs with consideration of multiple operation conditions, ISA Trans., 126 (2022), 472–485. https://doi.org/10.1016/j.isatra.2021.07.043 doi: 10.1016/j.isatra.2021.07.043
[6]	T. Thanaraj, K. H. Low, B. F. Ng, Actuator fault detection and isolation on multi-rotor UAV using extreme learning neuro-fuzzy systems, ISA Trans., 138 (2023), 168–185. https://doi.org/10.1016/j.isatra.2023.02.026 doi: 10.1016/j.isatra.2023.02.026
[7]	J. J. Gertler, M. M. Kunwer, Optimal residual decoupling for robust fault diagnosis, Int. J. Control, 61 (1995), 395–421. https://doi.org/10.1080/00207179508921908 doi: 10.1080/00207179508921908
[8]	A. Khan, W. Xie, B. Zhang, L. Liu, A survey of interval observers design methods and implementation for uncertain systems, J. Franklin Inst., 358 (2021), 3077–3126. https://doi.org/10.1016/j.jfranklin.2021.01.041 doi: 10.1016/j.jfranklin.2021.01.041
[9]	S. Meng, F. Meng, F. Zhang, Q. Li, Y. Zhang, A. Zemouche, Observer design method for nonlinear generalized systems with nonlinear algebraic constraints with applications, Automatica, 162 (2024), 111512. https://doi.org/10.1016/j.automatica.2024.111512 doi: 10.1016/j.automatica.2024.111512
[10]	F. Nemati, S. M. S. Hamami, A. Zemouche, A nonlinear observer-based approach to fault detection, isolation and estimation for satellite formation flight application, Automatica, 107 (2019), 474–482. https://doi.org/10.1016/j.automatica.2019.06.007 doi: 10.1016/j.automatica.2019.06.007
[11]	G. Zogopoulos-Papaliakos, K. J. Kyriakopoulos, An efficient approach for graph-based fault diagnosis in UAVs, J. Intell. Rob. Syst., 97 (2020), 553–576. https://doi.org/10.1007/s10846-019-01061-7 doi: 10.1007/s10846-019-01061-7
[12]	R. Falcón, H. Ríos, A. Dzul, A robust fault diagnosis for quad-rotors: A sliding-mode observer approach, IEEE/ASME Trans. Mechatron., 27 (2022), 4487–4496. https://doi.org/10.1109/TMECH.2022.3156854 doi: 10.1109/TMECH.2022.3156854
[13]	L. Shang, G. Liu, Sensor and actuator fault detection and isolation for a high performance aircraft engine bleed air temperature control system, IEEE Trans. Control Syst. Technol., 19 (2011), 1260–1268. https://doi.org/10.1109/TCST.2010.2076353 doi: 10.1109/TCST.2010.2076353
[14]	Y. Wei, J. Qiu, P. Shi, L. Wu, A piecewise-markovian lyapunov approach to reliable output feedback control for fuzzy-affine systems with time-delays and actuator faults, IEEE Trans. Cybern., 48 (2018), 2723–2735. https://doi.org/10.1109/TCYB.2017.2749239 doi: 10.1109/TCYB.2017.2749239
[15]	S. Li, H. Wang, A. Aitouche, Y. Tian, N. Christov, Actuator fault and disturbance estimation using the T-S fuzzy model, IFAC-PapersOnLine, 50 (2017), 15722–15727. https://doi.org/10.1016/j.ifacol.2017.08.2414 doi: 10.1016/j.ifacol.2017.08.2414
[16]	H. Ma, Y. Liu, T. Li, G. Yang, Nonlinear high-gain observer-based diagnosis and compensation for actuator and sensor faults in a quadrotor unmanned aerial vehicle, IEEE Trans. Ind. Inf., 15 (2019), 550–562. https://doi.org/10.1109/TII.2018.2865522 doi: 10.1109/TII.2018.2865522
[17]	R. C. Avram, X. Zhang, J. Muse, Quadrotor actuator fault diagnosis and accommodation using nonlinear adaptive estimators, IEEE Trans. Control Syst. Technol., 25 (2017), 2219–2226. https://doi.org/10.1109/TCST.2016.2640941 doi: 10.1109/TCST.2016.2640941
[18]	W. Chua, J. C. L. Chan, C. P. Tan, E. K. P. Chong, S. Saha, Robust fault reconstruction for a class of nonlinear systems, Automatica, 113 (2020), 108718. https://doi.org/10.1016/j.automatica.2019.108718 doi: 10.1016/j.automatica.2019.108718
[19]	F. Zhu, Y. Tang, Z. Wang, Interval-observer-based fault detection and isolation design for T-S fuzzy system based on zonotope analysis, IEEE Trans. Fuzzy Syst., 30 (2022), 945–955. https://doi.org/10.1109/TFUZZ.2021.3050854 doi: 10.1109/TFUZZ.2021.3050854
[20]	M. Zhang, Z. Wang, Y. Wang, J. H. Park, Z. Ji, Interval observer filtering-based fault diagnosis method for linear discrete-time systems with dual uncertainties, J. Franklin Inst., 359 (2022), 1626–1648. https://doi.org/10.1016/j.jfranklin.2021.11.018 doi: 10.1016/j.jfranklin.2021.11.018
[21]	S. Li, H. Wang, A. Aitouche, N. Christov, Sliding mode observer design for fault and disturbance estimation using takagi-sugeno model, Eur. J. Control, 44 (2018), 114–122. https://doi.org/10.1016/j.ejcon.2018.09.006 doi: 10.1016/j.ejcon.2018.09.006
[22]	A. N. Zhirabok, A. E. Shumsky, A. V. Zuev, Fault diagnosis in linear systems via sliding mode observers, Int. J. control, 94 (2021), 327–335. https://doi.org/10.1080/00207179.2019.1590738 doi: 10.1080/00207179.2019.1590738
[23]	R. Zhou, J. Li, Z. Yang, Y. Xu, Z. Yu, Y. Zhang, Fractional-order sliding-mode fault-tolerant control of unmanned airship against actuator faults, IFAC-PapersOnLine, 55 (2022), 617–622. https://doi.org/10.1016/j.ifacol.2022.07.196 doi: 10.1016/j.ifacol.2022.07.196
[24]	H. Hamdi, M. Rodrigues, C. Mechmeche, N. B. Braiek, Fault diagnosis based on sliding mode observer for LPV descriptor systems, Asian J. Control, 21 (2019), 89–98. https://doi.org/10.1002/asjc.2022 doi: 10.1002/asjc.2022
[25]	T. Chen, M. Zhu, Z. Zheng, Adaptive path following control of a stratospheric airship with full-state constraint and actuator saturation, Aerosp. Sci. Technol., 95 (2019), 105457. https://doi.org/10.1016/j.ast.2019.105457 doi: 10.1016/j.ast.2019.105457

This article has been cited by:

Yiyi Liu, Xueqing Teng, Xiaoqiang Yan, Hong Zhang, A second-order, unconditionally invariant-set-preserving scheme for the FitzHugh-Nagumo equation, 2025, 189, 08981221, 161, 10.1016/j.camwa.2025.04.013

Reader Comments

Your name:*

Email:*
© 2025 the Author(s), licensee AIMS Press. This is an open access article distributed under the terms of the Creative Commons Attribution License (http://creativecommons.org/licenses/by/4.0)