International Journal of Advanced Computer Science and Applications (IJACSA), Volume 16 Issue 7, 2025.
Abstract: Today's highly connected digital world exposes defenders to more advanced threats, such as advanced malware and network attacks, which in most cases are not detected by traditional detection tools. Traditional static cybersecurity tools, including signature-based antivirus systems and rule-based intrusion detection, often fail to deal with dynamic and previously unseen attacks. To address this issue, we propose a two-part, AI-powered cybersecurity solution that allows real-time threat detection at both the endpoint and the network level. The first component uses a Feed-forward Neural Network (FNN) to classify Windows Portable Executable (PE) files as benign or malicious using structured static features. The second component improves network anomaly detection with a deep learning model augmented by Generative Adversarial Networks (GAN), which addresses the data imbalance issue and improves sensitivity to rare cyber-attacks. To enhance its performance further, the system is integrated with MITRE ATT&CK, correlating real-time detection results with adversarial tactics and techniques and thus offering actionable context to incident response teams. Tests on open-source datasets yielded accuracies of 98.0 per cent for malware detection and 96.2 per cent for network anomaly detection. Data augmentation using GAN was very effective in improving the detection of less common attacks, including SQL injections and internal reconnaissance. Moreover, the system is horizontally scalable and responsive in real time due to Docker-based deployment.
The proposed framework is an effective, explainable and scalable cybersecurity defense system that is well suited to Managed Security Service Providers (MSSPs) and Security Operations Centers (SOCs), greatly increasing the precision rate and contextual insight of threat detection.
Migara H. M. S, Sandakelum M. D. B, Maduranga D. B. W. N, Kumara D. D. K. C, Harinda Fernando and Kavinga Abeywardena. “A Deep Learning-Based Dual-Model Framework for Real-Time Malware and Network Anomaly Detection with MITRE ATT&CK Integration”. International Journal of Advanced Computer Science and Applications (IJACSA) 16.7 (2025). http://dx.doi.org/10.14569/IJACSA.2025.0160728
@article{S2025,
title = {A Deep Learning-Based Dual-Model Framework for Real-Time Malware and Network Anomaly Detection with MITRE ATT\&CK Integration},
journal = {International Journal of Advanced Computer Science and Applications},
doi = {10.14569/IJACSA.2025.0160728},
url = {http://dx.doi.org/10.14569/IJACSA.2025.0160728},
year = {2025},
publisher = {The Science and Information Organization},
volume = {16},
number = {7},
author = {Migara H. M. S and Sandakelum M. D. B and Maduranga D. B. W. N and Kumara D. D. K. C and Harinda Fernando and Kavinga Abeywardena}
}
Copyright Statement: This is an open access article licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, even commercially as long as the original work is properly cited.