<![CDATA[The rapid expansion of the Internet of Things (IoT) has introduced significant cybersecurity challenges, particularly during the reconnaissance phase, where attackers collect system information to launch more severe attacks. Conventional intrusion detection systems often fail to detect reconnaissance due to similarities with benign traffic. To address this, this study proposes a hybrid detection framework that combines autoencoder-based feature extraction with a Convolutional Neural Network (CNN) and Long Short-Term Memory (LSTM) classifier. The autoencoder reduces data dimensionality and extracts meaningful latent features, while CNN captures spatial patterns and LSTM models temporal dependencies in network traffic. Experiments were conducted using the CICIoT2023 dataset, focusing exclusively on reconnaissance attacks. The evaluation metrics include accuracy, precision, recall, specificity, False Positive Rate (FPR), False Negative Rate (FNR), and F1-score. Results show that the proposed model achieves an overall accuracy of 99.79%, specificity of 0.9994, precision of 0.9948, recall of 0.9445, and F1-score of 0.9648. Class-level analysis demonstrates high performance across most attack types, though Ping Sweep exhibits a lower recall of 0.6853 despite achieving perfect precision. These findings indicate that the hybrid CNN–LSTM model with autoencoder feature extraction is effective for reconnaissance attack detection, with strong generalization and minimal misclassification.]]>
Copyrights © 2026
