EfficientDense-ViT: APT Detection via Hybrid Deep Learning Framework with Hybrid Dipper Throated Sine Cosine Optimization Algorithm (HDT-SCO)

Abstract

Advanced Persistent Threats (APT) are intelligent, sophisticated cyberattacks that frequently evade detection by gradually interfering with vital systems or focusing on sensitive data. It is proposed herein the new approach of the Hybrid Dipper Throated Sine Cosine Optimization Algorithm (HDT-SCO) for APT detection in association with the EfficientDense-ViT model. It handles the class imbalance issue with advanced processing Adaptive Synthetic Minority Oversampling Technique (ADASYN), including min-max scaling for normalization, and median imputation for missing values. In terms of feature engineering, ResNet-152 and Symbolic Aggregate Approximation (SAX) are adopted for statistical, deep, and time series feature extraction. HDT-SCO optimizes the selection of relevant features to refine by integrating into it the three approaches: PCA, RFE, RF Feature Importance, and L1 Regularization (Lasso). Compared to current detection techniques, the best detection model shows high performance and efficiency through the hybrid deep learning model known as EfficientDense-ViT, which is a combination of EfficientNet, DenseNet, and Vision Transformers (ViT) that can detect APTs reliably. This method shows considerable improvement in both accuracy (0.98741 for the 7030 split and 0.99143 for the 8020 split) and efficiency as compared to existing models in the detection of APTs in cybersecurity.