A Multi-Layered Adaptive Cybersecurity Framework for the Banking Sector Integrating Next-Gen Firewalls with AI-Driven IDPS
Sokroeurn Ang; Mony Ho; Sopheatra Huy; Midhunchakkaravarthy Janarthanan
Published: 2026
Abstract
The accelerated digital transformation of the banking sector has enhanced the delivery of financial services but simultaneously expanded the cyberattack surface, exposing institutions to advanced persistent threats (APTs), zero-day exploits, and obfuscated malware. Conventional perimeter defenses, primarily Layer 3 and 4 firewalls and signature-based intrusion detection systems (IDS), offer insufficient protection against encrypted, evasive, and previously unknown cyberattacks, and frequently generate high false-positive rates that burden Security Operations Centers (SOCs). This study proposes a multilayered adaptive cybersecurity framework that integrates a Layer 7 Next Generation Firewall (NGFW), a hybrid Network and Host-based Intrusion Detection and Prevention System (NIDPS/HIDPS), and an AI-driven analysis engine. The framework employs a dual-stage detection architecture, combining a Convolutional Neural Network (CNN) for spatial representation learning and Random Forest (RF) classifiers for anomaly decisioning. The model was evaluated using a strategically consolidated dataset derived from CIC-IDS-2017 and UNSW-NB15, specifically isolating cyberattack vectors prevalent in financial infrastructures (e.g., SQL Injection, DDoS, and Brute Force). The model achieves 99.65% detection accuracy and a reduced false-positive rate of 0.35%, significantly outperforming classical SVM and standalone signature-based systems. The results demonstrate that the proposed architecture is aligned with NIST and PCI-DSS standards and provides a defense-in-depth mechanism suitable for real-time, high-frequency financial environments.
How to Cite the Article
Ang, S., Ho, M., Huy, S., & Janarthanan, M. (2026). A Multi-Layered Adaptive Cybersecurity Framework for the Banking Sector Integrating Next-Gen Firewalls with AI-Driven IDPS. STAP Journal of Security Risk Management, 2026(1), 67–76. https://doi.org/10.63180/jsrm.thestap.2026.1.4
A Multi-Layered Adaptive Cybersecurity Framework for the Banking Sector Integrating Next-Gen Firewalls with AI-Driven IDPS is licensed under CC BY 4.0