JOURNAL ARTICLE

Harnessing AI for Cyber Defense: Honeypot-Driven Intrusion Detection Systems

Eman Alatawi, Umar Albalawi

Year: 2025; Journal: Symmetry; Vol: 17 (5); Pages: 628-628; Publisher: Multidisciplinary Digital Publishing Institute

Abstract

Anomaly detection is essential in cybersecurity for identifying abnormal activities, a requirement that has grown increasingly critical with the complexity of cyberthreats. This study leverages the BPF-Extended Tracking Honeypot (BETH) dataset, a comprehensive resource designed to benchmark robustness in detecting anomalous behavior in kernel-level process and network logs. The symmetry of the proposed system lies in its ability to identify balanced and consistent patterns within kernel-level process logs, which form the foundation for accurately distinguishing anomalies. This study focuses on anomaly detection in kernel-level process logs by introducing an enhanced Isolation Forest (iForest) model, which is integrated into a structured framework that includes exploratory data analysis (EDA), data pre-processing, model training, validation, and evaluation. The proposed approach achieves a significant performance improvement in the anomaly detection results, with an area under the receiver operating characteristic curve (AUROC) score of 0.917—an approximate 7.88% increase over the baseline model’s AUROC of 0.850. Additionally, the model demonstrates high precision (99.57%), F1-score (91.69%), and accuracy (86.03%), effectively minimizing false positives while maintaining balanced detection capabilities. These results underscore the role of leveraging symmetry in designing advanced intrusion detection systems, offering a structured and efficient solution for identifying cyberthreats.

Keywords:
Honeypot; Intrusion detection system; Computer science; Computer security; Cyberwarfare; Intrusion

Metrics

Cited By: 2
FWCI (Field Weighted Citation Impact): 10.33
Refs: 25
Citation Normalized Percentile: 0.93

Topics

Network Security and Intrusion Detection
Physical Sciences →  Computer Science →  Computer Networks and Communications
Advanced Malware Detection Techniques
Physical Sciences →  Computer Science →  Signal Processing
Smart Grid Security and Resilience
Physical Sciences →  Engineering →  Control and Systems Engineering