Go to DBLP homepageKAN-MID: A Kolmogorov-Arnold Networks-Based Framework for Malicious URL and Intrusion Detection in IoT Systems
Abstract: The growing sophistication of cyberattacks, especially with the ubiquity of the Internet of Things (IoT), highlights the urgent need for stronger detection and protection strategies. With millions of victims impacted by escalating threats and facing substantial financial repercussions, the importance of effective cyber-defense has reached unprecedented levels. This paper presents KAN-MID, a cybersecurity-aware framework that utilizes Kolmogorov-Arnold Networks (KANs) to detect malicious URLs and enhance intrusion detection systems (IDS). To the best of our knowledge, this is the first work to leverage KANs as a unified deep learning framework for cybersecurity tasks across three benchmark datasets CSE-CIC-IDS2018, ISCX-URL2016, and CIC-IoT-2023, demonstrating its effectiveness in both general network and IoT-specific threat detection. Experimental results on the CSE-CIC-IDS2018 and ISCX-URL2016 datasets show that the proposed framework achieves rapid and accurate predictions with inference times below 0.032 milliseconds in various scenarios. It achieved 100% testing accuracy in detecting botnet, DoS, DDoS, and brute force attacks, and 99.81% for spam URLs. The model demonstrates exceptional effectiveness in multi-class classification, achieving an accuracy rate of 98.21% for all attacks assessed in the ISCX-URL2016 dataset. Thorough evaluations conducted with benchmark datasets validate the outstanding model’s performance compared to existing deep learning techniques.
External IDs:dblp:journals/access/RizkRRRC25
Loading