Login
Register
Submit a Paper
Propose a Special lssue
Open Access
ARTICLE
Cloud-Based Deep Learning for Real-Time URL Anomaly Detection: LSTM/GRU and CNN/LSTM Models
Department of Computer Science, College of Computer Science and Engineering, Taibah University, Madinah, 42353, Saudi Arabia
* Corresponding Author: Ayman Noor. Email:
Computer Systems Science and Engineering 2025, 49, 259-286. https://doi.org/10.32604/csse.2025.060387
Received 31 October 2024; Accepted 08 January 2025; Issue published 21 February 2025
View Full Text
Download PDFAbstract
Precisely forecasting the performance of Deep Learning (DL) models, particularly in critical areas such as Uniform Resource Locator (URL)-based threat detection, aids in improving systems developed for difficult tasks. In cybersecurity, recognizing harmful URLs is vital to lowering risks associated with phishing, malware, and other online-based attacks. Since it directly affects the model’s capacity to differentiate between benign and harmful URLs, finding the optimum mix of hyperparameters in DL models is a significant difficulty. Two commonly used architectures for sequential and spatial data processing, Long Short-Term Memory (LSTM)/Gated Recurrent Unit (GRU) and Convolutional Neural Network (CNN)/Long Short-Term Memory (LSTM) models are targeted in this study to have higher predictive capacity by modifying crucial hyperparameters such as learning rate, batch size, and dropout rate using cloud capability. Research finds the best settings for the models by testing 50 dropout rates (between 0.1 and 0.5) with different learning rates and batch sizes. Performances were measured in the form of accuracy, precision, recall, F1-score, and errors such as Mean Absolute Error (MAE), Mean Squared Error (MSE), Root Mean Squared Error (RMSE) and Mean Absolute Percent Error (MAPE). In our results, CNN/LSTM performed better often than LSTM/GRU, with up to 10% better F1-score and much lower MAPE when the learning rate was 0.001 and the dropout rate was 0.2. These results show the value of fine-tuning hyperparameters to increase model performance and reduce errors. Higher on many of the parameters, CNN/LSTM architecture became obvious as the more trustworthy one. It also discussed the importance of DL in enhancing URL attack detection mechanisms to provide increased accuracy and precision for real-world cybersecurity.Keywords
Cloud-based anomaly detection; focal loss; dynamic threshold tuning; LSTM; GRU; CNN
Cite This Article
APA Style
Noor, A. (2025). Cloud-based deep learning for real-time URL anomaly detection: LSTM/GRU and CNN/LSTM models. Computer Systems Science and Engineering, 49(1), 259–286. https://doi.org/10.32604/csse.2025.060387
Vancouver Style
Noor A. Cloud-based deep learning for real-time URL anomaly detection: LSTM/GRU and CNN/LSTM models. Comput Syst Sci Eng. 2025;49(1):259–286. https://doi.org/10.32604/csse.2025.060387
IEEE Style
A. Noor, “Cloud-Based Deep Learning for Real-Time URL Anomaly Detection: LSTM/GRU and CNN/LSTM Models,” Comput. Syst. Sci. Eng., vol. 49, no. 1, pp. 259–286, 2025. https://doi.org/10.32604/csse.2025.060387
Copyright © 2025 The Author(s). Published by Tech Science Press.This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
Downloads
Citation Tools
