Tyshchenko Svitlana, PhD (Pedagogy), Head of the Department of Economic Cybernetics, Computer Science and Information Technologies, Mykolayiv National Agrarian University, Mykolayiv, Ukraine

ORCID ID: 0000-0001-7881-8740
e-mail: tyschenko@mnau.edu.ua

Parkhomenko Oleksandr, PhD (Physics and Mathematics), Associate Professor of the Department of Economic Cybernetics, Computer Science and Information Technologies, Mykolayiv National Agrarian University, Mykolayiv, Ukraine

ORCID ID: 0000-0002-7940-7414
e-mail: parkhomenko@mnau.edu.ua

Yemelianov Sviatoslav, PhD (Physics and Astronomy), Senior Lecturer of the Department of Economic Cybernetics, Computer Science and Information Technologies, Mykolayiv National Agrarian University, Mykolayiv, Ukraine

ORCID ID: 0009-0005-9106-5209
e-mail: sviatoslavem@mnau.edu.ua

Bohatienkova Oleksandra, Lecturer of the Department of Economic Cybernetics, Computer Science and Information Technology, Mykolaiv National Agrarian University, Mykolaiv, Ukraine

ORCID ID: 0009-0003-0214-0680
e-mail: oleksandra.bohatienkova@mnau.edu.ua

Hilko Ivan, Senior Lecturer of the Department of Economic Cybernetics, Computer Science and Information Technology, Mykolaiv National Agrarian University, Mykolaiv, Ukraine

ORCID ID: 0000-0001-7983-8276
e-mail: hilko@mnau.edu.ua

Application of Deep Learning Methods for Detection and Classification of Cyber Threats in Financial Networks Based on the NSL-KDD Dataset

Abstract. Introduction. The rapid digitalization of financial networks has amplified the vulnerability to sophisticated cyber threats, such as DDoS, phishing, and man-in-the-middle attacks, necessitating advanced detection mechanisms. This study investigates the application of deep learning, specifically multilayer perceptrons (MLP), for classifying and predicting cyber threats using the NSL-KDD dataset, tailored to the needs of financial systems. Discrete mathematical structures are employed to represent network traffic data, enabling effective modeling of complex patterns inherent in cyber attacks targeting financial institutions.

Purpose. The research aims to develop and evaluate MLP models for binary classification of network traffic (normal vs. attacks), leveraging discrete mathematical representations to enhance detection accuracy. The performance of MLP is compared with traditional machine learning methods, such as Random Forest, to assess its efficacy in identifying cyber threats within financial network contexts, with a focus on practical applicability.

Results. It was established that the MLP model achieves an accuracy of 97.8%, an F1-score of 0.976, and an AUC of 0.99, surpassing the Random Forest model, which recorded an accuracy of 96.5% and an AUC of 0.97. The MLP’s superior performance is attributed to its ability to model nonlinear dependencies, particularly for rare attacks like U2R, which Random Forest misclassifies more frequently. Visualizations, including learning curves, ROC curve, confusion matrix, and a feature importance histogram, were generated to analyze model performance. Key features, such as src_bytes and dst_bytes, were identified as critical, reflecting anomalous data volumes during attacks like DoS, which are prevalent in financial networks. These results underscore the potential of MLP for robust cyber threat detection.

Conclusions. The proposed MLP-based approach demonstrates significant potential for automated cyber threat detection in financial systems, offering high accuracy and interpretability through visualizations. Limitations include reliance on the NSL-KDD dataset, which does not encompass modern threats like phishing or API-targeted attacks. Future research directions involve integrating real-time transaction logs, social media data, and exploring advanced architectures, such as convolutional neural networks (CNN) and long short-term memory (LSTM) networks, to capture temporal dependencies in network traffic.

Keywords. deep learning; multilayer perceptron; cyber threats; financial networks; NSL-KDD; Random Forest; discrete mathematics.

References:

1. Bonderud, D. (2024). Cost of a data breach 2024: Financial industry. IBM. https://www.ibm.com/think/insights/cost-of-a-data-breach-2024-financial-industry.
2. Sutherland, T. (2025). Two-thirds of financial institutions faced cyberattacks in 2024. Security Magazine | The business magazine for security executives. https://www.securitymagazine.com/articles/101524-two-thirds-of-financial-institutions-faced-cyberattacks-in-2024.
3. Tyshchenko, S., & Parkhomenko, O. (2024). Analysis of the impact of digital threats on financial markets using methods of probability theory and python. Modern Economics, 43(1), 118–124. https://doi.org/10.31521/modecon.v43(2024)-16.
4. Tyshchenko, S., Parkhomenko, O., & Hilko, I. (2024). Modeling the impact of digital threats on financial markets using time series analysis and anomaly detection using python. Modern Economics, 44, 205–212. https://doi.org/10.31521/modecon.v44(2024)-30.
5. Tyshchenko, S., Parkhomenko, O., & Darmosyuk, V. (2024). Modelling and Analysis of Cyberattack Risks on Financial Institutions Using Mathematical Statistics and Python Methods. Modern Economics, 48, 130-136. DOI: https://doi.org/10.31521/modecon.V48(2024)-16.
6. Sama, L., Wang, H., & Watters, P. (2022). Enhancing System Security by Intrusion Detection Using Deep Learning, 169-176. https://doi.org/10.1007/978-3-031-15512-3_14.
7. Elsayed, S., Mohamed, K., & Madkour, M. (2024). A Comparative Study of Using Deep Learning Algorithms in Network Intrusion Detection. IEEE Access, 12, 58851-58870. https://doi.org/10.1109/ACCESS.2024.3389096.
8. Modak, A., & Dehalwar, V. (2024). Design and Analysis of Intrusion Detection Using Deep Learning Models. 2024 IEEE International Conference on Electronics, Computing and Communication Technologies (CONECCT), 1-6. https://doi.org/10.1109/CONECCT62155.2024.10677142.
9. Almejarb, R., Sallabi, O., Bushaala, F., Mohamed, A., Fawzi, A., & Adel, R. (2023). A Proposed Method for Detecting Network Intrusion Using Deep Learning Approach. 2023 IEEE 3rd International Maghreb Meeting of the Conference on Sciences and Techniques of Automatic Control and Computer Engineering (MI-STA), 83-88. https://doi.org/10.1109/MI-STA57575.2023.10169553.
10. Jiang, J., & Li, C. (2021). Binary- and Multi-class Network Intrusion Detection with Adaptive Synthetic Sampling and Deep Learning. 2021 IEEE International Conference on Consumer Electronics-Taiwan (ICCE-TW), 1-2. https://doi.org/10.1109/ICCE-TW52618.2021.9603206.
11. Cihan, S., Aydos, M., & Şimşek, N. (2021). A Tree Based Machine Learning and Deep Learning Classification for Network Intrusion Detection. European Journal of Science and Technology. https://doi.org/10.31590/ejosat.889994.
12. Chellammal, P., Kezia, S., Reka, K., & Raja, G. (2022). Fast and Effective Intrusion Detection Using Multi-Layered Deep Learning Networks. Int. J. Web Serv. Res, 19, 1-16. https://doi.org/10.4018/ijwsr.310057.
13. Hussain, J., & Hnamte, V. (2021). Deep Learning Based Intrusion Detection System:Modern Approach. 2021 2nd Global Conference for Advancement in Technology (GCAT), 1-6. https://doi.org/10.1109/GCAT52182.2021.9587719.
14. Amaizu, G., Nwakanma, C., Lee, J., & Kim, D. (2020). Investigating Network Intrusion Detection Datasets Using Machine Learning. 2020 International Conference on Information and Communication Technology Convergence (ICTC), 1325-1328. https://doi.org/10.1109/ICTC49870.2020.9289329.
15. M Hassan Zaib (2019). NSL-KDD. https://www.kaggle.com/datasets/hassan06/nslkdd.