BiGAT-ID: Deep-Learning IDS for IoT
- The paper demonstrates a novel hybrid architecture that fuses bidirectional GRU, LSTM, and multi-head attention for effective multiclass intrusion detection.
- BiGAT-ID processes non-stationary IoT traffic from both medical and industrial domains using a dual-branch pipeline and tailored preprocessing to mitigate class imbalance.
- Empirical results show ~99% accuracy, low false positives, and minimal inference latency, confirming its robustness even in zero-day attack simulations.
BiGAT-ID is a deep-learning intrusion detection system (IDS) proposed for heterogeneous IoT security, explicitly expanded as “bidirectional GRU and Attention-based Transformer for intrusion detection.” It is designed for network-based multiclass intrusion detection over IoT traffic in two domains—Internet of Medical Things (IoMT) and Industrial Internet of Things (IIoT)—and is implemented as a hybrid architecture combining bidirectional gated recurrent units (BiGRU), long short-term memory (LSTM), and multi-head attention (MHA). In the paper’s usage, “cross-domain robustness” denotes that the same architecture maintains consistently strong detection performance across multiple heterogeneous IoT domains, rather than domain adaptation in the strict transfer-learning sense (Gueriani et al., 17 Aug 2025).
1. Problem setting and scope
BiGAT-ID is framed around the observation that IoMT and IIoT are increasingly interconnected and exposed to advanced cyber threats. In IoMT, the paper associates these threats with risks to patient safety, medical privacy, and clinical service continuity; in IIoT, it associates them with disruption of industrial operations, downtime, and effects on physical processes. The task is a network-based multiclass intrusion detection problem in which the IDS must classify normal traffic and multiple attack categories.
The paper treats IoT traffic as a non-stationary sequence whose semantics may depend on both short transient behaviors and longer session-level temporal patterns. The architectural choice to combine recurrent sequence modeling with attention follows directly from that formulation. Existing IDS work is described as often being evaluated on only one dataset or domain, as handling temporal dependencies weakly, as reporting false positives and inference time incompletely, and as showing poor robustness to class imbalance and unseen attacks.
The paper’s notion of cross-domain robustness is operational rather than adaptation-based. Strong performance on CICIoMT2024 and EdgeIIoTset with the same architecture, additional validation on TON_IoT, and leave-one-attack-out (LOAO) zero-day simulations are presented as evidence of robustness across medical and industrial IoT traffic. The paper does not describe a formal domain adaptation or cross-dataset transfer-learning protocol between CICIoMT2024 and EdgeIIoTset (Gueriani et al., 17 Aug 2025).
2. Architectural design
BiGAT-ID is presented as a dual-branch hybrid model with the following pipeline: input traffic features; preprocessing; sequential reshaping; two parallel branches; feature fusion; and a classification head. The preprocessing stage includes cleaning, encoding, balancing, train/test split, and one-hot labels. The selected tabular features are reshaped directly into 3D tensors for recurrent and attention processing.
The model uses dataset-specific sequence shapes: for IoMT and for IIoT. The paper does not introduce a separate embedding layer; instead, each sample is treated as a sequence of scalar feature steps. Branch 1 consists of a BiGRU with 64 units, followed by Layer Normalization, multi-head attention with 8 heads and key dimension 64, dropout of 0.5, and flattening. For IoMT, the BiGRU output is , and flattening yields . Branch 2 applies a single LSTM layer with 32 units and return_sequences=False, producing , followed by dropout of 0.5.
The outputs of the two branches are concatenated and passed to a classification head: Dense(64, ReLU) → Dense(32, ReLU) → Dense(6, Softmax). For the IoMT configuration, concatenation combines a 10624-dimensional flattened BiGRU-attention output with a 32-dimensional LSTM output, yielding 10656 features before classification. The paper reports 978,470 total parameters, all trainable.
Functionally, the BiGRU is used for efficient bidirectional context capture, the LSTM for deep sequential feature extraction and preservation of long-range dependencies, and the MHA module for enhancing contextual feature representation and emphasizing salient sequence positions. The abstract characterizes BiGAT-ID as a “novel transformer-based IDS,” but the architecture described in the paper is not a full Transformer encoder stack: there is no token embedding plus positional encoding stage, and no stack of self-attention plus feed-forward Transformer blocks. A technically closer description is a BiGRU-LSTM hybrid with multi-head attention (Gueriani et al., 17 Aug 2025).
3. Datasets, labels, and preprocessing
The principal evaluation uses two benchmark datasets. CICIoMT2024 is an IoMT dataset built from a testbed of 40 devices, with 25 physical and 15 simulated devices, 18 attack types, and 5 grouped categories; the paper reports a 6-class problem consisting of Benign/Normal traffic, MITM, MQTT, Recon, DDoS, and DoS. The classification report mentions 39,144 validated samples. EdgeIIoTset is an IIoT benchmark collected from a 7-layer IIoT testbed with 10 smart devices; it includes 14 attack types, 6 categories, and 61 selected features out of 1,176. Its 6-class setup is Normal traffic, DDoS, Information gathering, MITM, Injection, and Malware, with 59,276 validated samples. TON_IoT is used for additional validation and for zero-day and extended generalization experiments; it contains 44 features and benign traffic plus 9 attack categories.
The preprocessing pipeline begins with data cleaning and label analysis, followed by numerical encoding of categorical fields using LabelEncoder. Selected features are then reshaped into 3D matrices to fit sequential neural models. Class imbalance is mitigated differently by domain: Random Over Sampler (RoS) is used for IoMT, duplicating minority samples, whereas SMOTE is used for IIoT, generating synthetic minority samples by interpolation. Labels are one-hot encoded using to_categorical, and the dataset is split 80%/20% with stratified train_test_split.
The paper also states that focal loss was incorporated during training to down-weight easy examples and emphasize harder or minority-class samples. At the same time, it does not clearly specify the normalization or scaling method, does not state whether missing values existed or how they were handled, and does not provide a detailed temporal windowing scheme such as sliding windows or session segmentation. The sequence construction is therefore described as a reshaping of tabular traffic into a pseudo-sequential representation rather than an explicitly defined temporal segmentation procedure (Gueriani et al., 17 Aug 2025).
4. Training methodology and model selection
The model is compiled with the Adam optimizer and categorical cross-entropy loss, with learning rate . The main architecture uses dropout . Training and validation curves are shown over roughly 41 epochs in the paper’s figure, but the exact number of epochs used, batch size, early stopping criteria, implementation framework, and hardware are not explicitly stated in the provided text.
BiGAT-ID appears to be trained and evaluated separately on each dataset. The paper’s cross-domain claim is therefore tied to architectural consistency across datasets, not to joint training or direct parameter transfer between IoMT and IIoT domains. This distinction is important because the same architecture is shown on both domains, but a formal transfer-learning or domain-adaptation protocol is not described.
The ablation study compares architectural orderings of BiGRU, LSTM, and MHA; attention heads of 2, 4, and 8; dropout rates of 0.2, 0.3, 0.5, and 0.7; and unit configurations including BiGRU sizes 64 and 128 and LSTM sizes 32 and 256. The best balanced architecture is configuration #4, denoted
The paper reports that 8 heads gave the best tradeoff between accuracy and efficiency, dropout best controlled overfitting, and BiGRU with LSTM 0 gave the best balanced architecture (Gueriani et al., 17 Aug 2025).
5. Experimental results and empirical profile
The main reported results emphasize balanced-data performance, low false positive rate, and very low inference latency.
| Dataset | Accuracy | Loss | FPR |
|---|---|---|---|
| CICIoMT2024 | 99.13% | 0.0257 | 0.0013 |
| EdgeIIoTset | 99.34% | 0.0158 | 0.0013 |
The same evaluation reports precision, recall, and F1-score equal to 99.13% on CICIoMT2024 and 99.34% on EdgeIIoTset. For ROC analysis, all six classes on both datasets are reported as achieving AUC 1. Inference time per instance is reported as 0.0002 s for IoMT and 0.0001 s for IIoT. The paper repeatedly associates these latencies with real-time threat detection and resource-constrained deployment (Gueriani et al., 17 Aug 2025).
The confusion matrices indicate limited but structured error modes. On CICIoMT2024, benign traffic has 98% TPR, with 2% misclassified as MQTT; MQTT has 97% TPR, with 2% misclassified as benign; MITM, Recon, DDoS, and DoS each reach 100% TPR. On EdgeIIoTset, Normal traffic, MITM, Information gathering, and Malware each reach 100% TPR; DDoS reaches 99%, with 1% misclassified as injection; Injection reaches 97%, with 3% misclassified as DDoS. The paper suggests that DDoS and injection confusion may arise from shared abnormal request-rate characteristics.
Zero-day robustness is evaluated through LOAO simulations in which one attack class is excluded during training and tested as unseen behavior. The reported maximum validation results are accuracy 98.50% and loss 0.04 on EdgeIIoT, accuracy 99.23% and loss 0.01 on CICIoMT2024, and accuracy 98.07% and loss 0.06 on TON_IoT. The authors interpret this as evidence that the model can detect both signature-based and zero-day threats.
Relative to prior IDS approaches, the paper’s main comparative claim is not that BiGAT-ID attains the absolute highest single-dataset accuracy in every case. Table 6 includes a baseline, CNN-LSTM-ResNet-SA, with 99.88% accuracy on CICIoMT2024 but 33.30% on EdgeIIoT. By contrast, BiGAT-ID reports 99.13% on CICIoMT2024 and 99.34% on EdgeIIoT, with low FPR and very low inference time. This suggests that the paper prioritizes stable performance across domains and operational metrics rather than a single benchmark maximum (Gueriani et al., 17 Aug 2025).
6. Explainability, limitations, and naming ambiguities
The paper supplements predictive results with SHAP-based interpretability. On CICIoMT2024, the most influential features include feature 6 (Timestamp), feature 72 (Bwd Init Win Bytes), feature 20 (Flow Bytes/s), and feature 4 (Dst Port), with smaller contributions from Fwd IAT Min, ACK Flag Count, and Bwd Packets/s. On EdgeIIoTset, important features include feature 13 (http.request.uri.query), feature 30 (tcp.len), feature 10 (icmp.unused), feature 14 (http.request.method), and feature 31 (tcp.options), along with benign-related signals such as dns.qry.name and dns.retransmit_request_in. The paper uses this analysis to argue that BiGAT-ID captures both global and class-specific patterns.
Several caveats are explicit or strongly implied. Many implementation details are omitted, including hardware, framework, batch size, exact epoch schedule, early stopping, and precise normalization method. Cross-domain robustness is demonstrated through multiple datasets rather than formal domain adaptation. Evaluation remains benchmark-centered rather than a live operational deployment. Explainability is post hoc via SHAP rather than built into the model design. The “transformer-based” description is also loose in technical terms, because the architecture is fundamentally a recurrent hybrid with MHA, not a full Transformer.
A recurrent source of confusion is the acronym itself. In BiGAT-ID, “GAT” does not denote Graph Attention Network; the paper explicitly defines the name as “bidirectional GRU and Attention-based Transformer for intrusion detection,” and the architecture uses multi-head attention rather than graph attention. This distinguishes BiGAT-ID from similarly named models such as “Social-BiGAT,” which is a graph-based generative adversarial model for multimodal pedestrian trajectory forecasting built around Graph Attention Networks (Kosaraju et al., 2019). Within the BiGAT-ID paper, the novelty lies in the specific dual-branch fusion of BiGRU, LSTM, and MHA for cross-domain IoMT and IIoT intrusion detection, together with LOAO zero-day assessment and reporting of operational metrics such as FPR and inference time (Gueriani et al., 17 Aug 2025).