With the rapid development of artificial intelligence technology, the demand for detecting Zero-Day Attacks in cybersecurity is growing. Traditional intrusion detection models perform well against known attacks, but they generalize poorly to unknown attacks. This paper proposes a Cost-Aware and Progressive Input Embedding-Based Rejection Zero-Day Attack Detection Model. It strengthens the representation of unknown attacks through progressive feature extraction and, through rejection classification, classifies samples that are stronger outliers as Zero-Day Attacks. Meanwhile, the cost-aware module optimizes the classification priority, making up for the deficiencies of previous models in data feature extraction and classification refinement. Experimental results on the UNSW-NB15 dataset show that the Zero-Day Detection Rate (Z-DR) of this model reaches 89.92%, with FAR ranging from 4% to 20% across different attack types. The accuracy and F1 value are 96.63% and 95.95% respectively, which are significantly better than those of traditional multi-layer perceptron (MLP) and random forest (RF) models. The research also regulates the balance between Z-DR and FAR through cost matrices and evaluates the efficiency of the model under different data scales. The results show that this model has significant advantages in detection performance and practical application, providing new ideas for optimizing cyber security defense systems.
Keywords: Zero-Day Attack Detection, Reject Classification, Cost-Aware, Progressive Feature Extraction, Network Security
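
The balance between Z-DR and FAR that the abstract attributes to cost matrices can be illustrated with a minimum-expected-cost decision rule that has a reject option. This is an added example, not the paper's model or code: the class names, cost values, posteriors, the `reject_cost` parameter, and the working definitions of Z-DR (share of zero-day samples rejected) and FAR (share of benign samples not classified as benign) are assumptions constructed for illustration.

```python
# Added illustration: cost-aware reject-option decision rule (not the paper's model).
KNOWN = ["benign", "dos", "exploits"]   # classes seen in training (assumed names)
# COST[i][j]: cost of predicting KNOWN[j] when the true class is KNOWN[i] (assumed values)
COST = [
    [0.0, 1.0, 1.0],   # benign traffic flagged as an attack: false alarm
    [5.0, 0.0, 0.5],   # an attack passed as benign is the most expensive error
    [5.0, 0.5, 0.0],
]

# Constructed (true_label, posterior over KNOWN) pairs; "zero-day" is never in KNOWN.
SAMPLES = [
    ("benign",   [0.99, 0.005, 0.005]),
    ("benign",   [0.97, 0.02, 0.01]),
    ("benign",   [0.95, 0.03, 0.02]),
    ("benign",   [0.90, 0.06, 0.04]),
    ("benign",   [0.80, 0.15, 0.05]),
    ("dos",      [0.03, 0.92, 0.05]),
    ("exploits", [0.05, 0.15, 0.80]),
    ("zero-day", [0.40, 0.35, 0.25]),
    ("zero-day", [0.34, 0.33, 0.33]),
    ("zero-day", [0.10, 0.50, 0.40]),
    ("zero-day", [0.70, 0.20, 0.10]),
]

def decide(posterior, reject_cost):
    """Pick the minimum-expected-cost known class, or reject the sample as zero-day."""
    risks = [sum(p * COST[i][j] for i, p in enumerate(posterior))
             for j in range(len(KNOWN))]
    best = min(range(len(KNOWN)), key=risks.__getitem__)
    return "zero-day" if risks[best] > reject_cost else KNOWN[best]

def evaluate(samples, reject_cost):
    """Return (Z-DR, FAR) under the working definitions given in the lead-in."""
    preds = [(truth, decide(post, reject_cost)) for truth, post in samples]
    zero = [p for t, p in preds if t == "zero-day"]
    benign = [p for t, p in preds if t == "benign"]
    zdr = sum(p == "zero-day" for p in zero) / len(zero)
    far = sum(p != "benign" for p in benign) / len(benign)
    return zdr, far

if __name__ == "__main__":
    for c in (0.6, 0.4, 0.2):   # a cheaper rejection means more samples are rejected
        zdr, far = evaluate(SAMPLES, c)
        print(f"reject_cost={c}: Z-DR={zdr:.2f} FAR={far:.2f}")
```

Lowering `reject_cost` raises Z-DR and FAR together on this constructed data, which is the trade-off an operator tunes when choosing the costs.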