A multi-environment (M-En) network, integrating various network architectures, faces significant challenges in detecting malicious traffic due to diverse protocols and traffic patterns. Developing separate security frameworks for each network type increases management overhead, limits scalability, and raises costs. Another issue in this domain is the limited deployment-oriented validation of malicious traffic detection systems (MTDS), which restricts their effectiveness in protecting M-En networks under live conditions. To address these challenges, this study proposes a unified simulation-based, deployment-feasible, transfer learning-based MTDS for M-En networks, with a focus on both IoT and traditional IP-based infrastructures. In our client-server simulation setup on Ubuntu, the client captures traffic at the central gateway and forwards it to the server for analysis, where flagged malicious packets are discarded at the gateway following batch-level analysis. A representative M-En feasibility dataset is generated using partial least squares (PLS) canonical analysis by merging two benchmark datasets, IoT23 (IoT malware traffic) and CICDDoS2019 (traditional IP-based DDoS traffic). An RNN-LSTM-based transfer learning model is employed for feature extraction from this M-En dataset, and various machine learning algorithms are trained and evaluated in both offline and deployment-oriented simulation settings. Logistic Regression emerges as the best-performing model, achieving a mean accuracy of 0.98 in offline testing and 0.71 during simulation-based gateway evaluation, along with the lowest computational time (averaging 0.521 seconds offline and 0.59 seconds per batch during simulated deployment) and minimal memory and CPU usage.
Rustam et al. (Sun,) studied this question.
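The client-server gateway flow described in the abstract, as an added example that is not the authors' code: the client buffers packets, the server scores each batch with a logistic-regression model, and flagged packets are discarded once the batch verdict returns. Holding packets until the verdict, the three features, the weights, the threshold and the sample packets are all constructed assumptions; the study's RNN-LSTM feature extraction is not reproduced.

```python
import math

# Constructed logistic-regression parameters over three hand-picked, pre-scaled
# features (packet rate, SYN ratio, payload entropy). Placeholders only: the
# study trains on RNN-LSTM transfer-learned features, which are not shown here.
WEIGHTS, BIAS, THRESHOLD = (3.0, 4.0, -2.0), -3.5, 0.5

def score(features):
    """Probability that one packet record is malicious (sigmoid of w.x + b)."""
    z = BIAS + sum(w * x for w, x in zip(WEIGHTS, features))
    return 1.0 / (1.0 + math.exp(-z))

def analyze_batch(batch):
    """Server side: return the ids of the packets flagged in this batch."""
    return {pkt["id"] for pkt in batch if score(pkt["features"]) >= THRESHOLD}

class Gateway:
    """Client side: hold packets until the batch verdict, then forward or drop."""
    def __init__(self, batch_size, analyzer=analyze_batch):
        self.batch_size, self.analyzer = batch_size, analyzer
        self.pending = []
        self.forwarded, self.dropped = [], []

    def receive(self, pkt):
        self.pending.append(pkt)
        if len(self.pending) >= self.batch_size:
            self.flush()

    def flush(self):
        """Analyze whatever is pending; also covers a final partial batch."""
        batch, self.pending = self.pending, []
        flagged = self.analyzer(batch) if batch else set()
        for pkt in batch:
            (self.dropped if pkt["id"] in flagged else self.forwarded).append(pkt["id"])

# Constructed sample traffic: ids 2 and 4 carry flood-like feature values.
SAMPLE = [
    {"id": 1, "features": (0.1, 0.1, 0.8)},
    {"id": 2, "features": (0.9, 0.9, 0.1)},
    {"id": 3, "features": (0.2, 0.3, 0.7)},
    {"id": 4, "features": (0.8, 0.95, 0.2)},
    {"id": 5, "features": (0.3, 0.2, 0.6)},
]

def run(sample=SAMPLE, batch_size=2):
    gw = Gateway(batch_size)
    for pkt in sample:
        gw.receive(pkt)
    gw.flush()  # release the trailing partial batch
    return gw.forwarded, gw.dropped
```

Because nothing leaves the gateway before its batch is scored, the per-batch analysis time the abstract reports translates directly into added forwarding delay under this hold-until-verdict assumption.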