Date of Award
5-2026
Culminating Project Type
Starred Paper
Styleguide
apa
Degree Name
Information Assurance: M.S.
Department
Information Assurance and Information Systems
College
Herberger School of Business
First Advisor
Susantha Herath
Second Advisor
Mark B. Schmidt
Third Advisor
Erich P. Rice
Creative Commons License

This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.
Keywords and Subject Headings
Intrusion Detection Systems, Artificial Intelligence, Host-Based Security, Deception Techniques, Autoencoder, Cybersecurity
Abstract
In recent years, cybersecurity threats have evolved rapidly, with adversaries exploiting zero-day vulnerabilities, polymorphic malware, and adversarial inputs that routinely evade traditional intrusion detection systems (IDS). Signature-based IDS remains reactive and limited to known attacks, while AI-driven anomaly-based IDS using Autoencoders and Long Short-Term Memory (LSTM) networks offer dynamic detection but often suffer from false positives and vulnerability to evasion. In parallel, deception mechanisms such as honeypots and honeytokens have emerged as proactive defenses but are rarely integrated into real-time AI-based workflows, reducing their adaptive potential.
This study addresses that gap by developing an AI-driven Host-Based Intrusion Detection System (HIDS) that unifies anomaly detection, visualization, and evaluation within a modular Feeder-Watcher-Dashboard pipeline. The Feeder simulates continuous host activity, including benign and attack-like behavior, while the Watcher computes reconstruction errors using an Autoencoder and flags anomalies in real time. A Streamlit dashboard visualizes detections and enables dynamic threshold tuning, while the automated archival module generates evaluation metrics and analytical plots, creating a seamless end-to-end defense workflow.
Evaluated on the CIC-IDS2017 dataset and synthetic host features, the prototype achieved accuracy = 0.916, recall = 1.0, and ROC-AUC = 1.0, demonstrating precise anomaly discrimination. The system’s architecture is inherently deception-ready, supporting future integration of live honeypots. Overall, this research presents a validated host-based defense framework that advances the path toward intelligent, adaptive, and deception-enabled intrusion detection for modern cyber environments.
Recommended Citation
Chintalapati, Shanmukh, "Designing a Hybrid Intrusion Detection System with AI and Deception Techniques for Enhanced Cyber Defense" (2026). Culminating Projects in Information Assurance. 160.
https://repository.stcloudstate.edu/msia_etds/160


Comments/Acknowledgements
I want to express my sincere gratitude to the Department of Information Assurance at St. Cloud State University for their continuous support and guidance throughout my studies. A special thank you to Prof. Susantha Herath, my committee chairperson, for his invaluable feedback, encouragement, and mentorship during this research.
I am also deeply grateful to Prof. Mark B. Schmidt and Prof. Erich P. Rice for their constructive insights, support, and contributions, which played an important role in shaping this work.
Lastly, I want to thank my family and friends for their constant encouragement, understanding, and motivation, which helped me throughout this journey.