Algorithm 1 LSTM and Petri Net Workflow for IDS

1:Data Preprocessing:   2:Load dataset   3:Balance benign and attack packets   4:Labels mapping (0 for benign, 1 for attack)   5:Handle missing and infinite values   6:Standardize features   7:Remove highly correlated features   8:Apply PCA to reduce dimensionality   9:Prepare Data for LSTM: 10:Convert data to sequences of window size 50 11:Split data into training, validation, and test sets 12:LSTM Model Training: 13:Define LSTM model with layers 14:Compile model with binary cross-entropy loss and Adam optimizer 15:Train model with training and validation data 16:Save trained model 17:LSTM Model Evaluation: 18:Evaluate model on test data 19:Calculate confusion matrix and classification report 20:Petri Net Definition: 21:Define places: $p1,p2,p3,b,a,n$ 22:Define transitions: $t1,t2,t3,t4$ 23:Define arcs: 24:$t1$: $b\to p1$ 25:$t2$: $p1\to p2$ & $p1\to p3$ 26:$t3$: $p2\to a$ & $p2\to b$ 27:$t4$: $p3\to n$ & $p3\to b$ 28:Petri Net Execution: 29:Initialize Petri Net with test data 30:for $i=1$ to 10 do 31:   Fire transition $t1$ to simulate packet arrival 32:   for $j=1$ to 50 do 33:     Wait for next packet 34:     Fire transition $t1$ to simulate packet arrival 35:   end for 36:   Fire transition $t2$ to predict packet flow using LSTM 37:   if $p2$ has token and $p3$ does not then 38:     Fire transition $t4$ (Benign packet flow) 39:     Store packets in non-blocked list 40:   else 41:     Fire transition $t3$ (Attack packet flow) 42:     Store packets in blocked list 43:   end if 44:   Move to next set of packets 45:end for