Data fusion and network intrusion detection systems
Cluster Computing (IF 4.4), Pub Date: 2024-03-26, DOI: 10.1007/s10586-024-04365-y
Rasheed Ahmad, Izzat Alsmadi

The increasing frequency and sophistication of cyber-attacks pose significant threats to organizational entities and critical national infrastructure, leading to substantial financial and operational consequences. Detecting such attacks early and accurately remains a complex endeavour, compounded by challenges in intrusion detection system (IDS) design, the exploitation of zero-day attacks, and issues of reliability and resiliency in physical systems. This research addresses these challenges through a two-fold approach: firstly, implementing input data fusion from diverse and heterogeneous sources, and secondly, fusing classifiers from multiple deep learning (DL)-based algorithms. The success of machine learning (ML) and DL models for IDS relies on meticulous data collection and classifier selection. The paper underscores the limitations of relying on single datasets and ML/DL algorithms, emphasizing potential biases and training restrictions. Rigorous experiments were conducted to identify optimal DL architectures, ensuring the creation of models that exhibit robust generalization on new traffic instances, leading to trusted and unbiased results. The study demonstrates the efficacy of the proposed models through comprehensive evaluations and metrics. Results indicate that the fusion of data and classifiers significantly improves model generalization. The paper also outlines key challenges and future trends in data fusion, emphasizing its role in enhancing IDS performance for securing critical infrastructure.




Updated: 2024-03-26