With the advancement of digital technologies, cyberattacks have become increasingly sophisticated, posing serious threats to personal privacy, national security, and organizational infrastructure. As modern cyber threats grow in complexity and intelligence, traditional network security approaches are proving insufficient. Existing detection methods often rely on complete connection information, making it difficult to identify attacks in time, or depend on packet payload inspection, which is limited to unencrypted traffic and raises privacy concerns.
To address these limitations, this study proposes a novel multi-class classification approach for cyberattack detection by introducing a Marked Neural Temporal Point Process (MNTPP) model that integrates deep learning techniques with Temporal Point Process (TPP) theory. Unlike conventional methods, the proposed model characterizes network flows by analyzing only inter-packet arrival time and packet sizes, enabling practical and efficient early detection with minimal packet information.
The MNTPP model captures temporal dependencies and patterns through inter-packet arrival times and leverages packet size as a mark to provide additional information for flow characterization. Experiments on real-world network traffic traces demonstrate its effectiveness in early attack detection, outperforming advanced deep sequence models such as bidirectional LSTM and sequence-to-sequence models.
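To make the input representation concrete, the following added example (not code from the study) turns a packet trace into per-flow marked event sequences of (inter-arrival time, packet size), truncated to the first few packets as early detection would require. The packet records, the bidirectional flow key, the `first_k` parameter and the convention that a flow's first packet has inter-arrival time 0 are all assumptions made for illustration; the MNTPP model itself is not reproduced here.

```python
from collections import defaultdict

# Constructed sample packets (not from the paper's traces):
# (timestamp_s, src_ip, src_port, dst_ip, dst_port, proto, size_bytes)
PACKETS = [
    (0.000, "10.0.0.5", 40000, "10.0.0.9", 443, "tcp", 74),
    (0.010, "10.0.0.7", 51000, "10.0.0.9", 22, "tcp", 60),
    (0.020, "10.0.0.9", 443, "10.0.0.5", 40000, "tcp", 74),
    (0.025, "10.0.0.5", 40000, "10.0.0.9", 443, "tcp", 66),
    (0.030, "10.0.0.7", 51000, "10.0.0.9", 22, "tcp", 60),
    (0.050, "10.0.0.7", 51000, "10.0.0.9", 22, "tcp", 60),
    (0.125, "10.0.0.5", 40000, "10.0.0.9", 443, "tcp", 583),
]


def flow_key(src, sport, dst, dport, proto):
    """Direction-independent key (assumption): both directions form one flow."""
    a, b = sorted([(src, sport), (dst, dport)])
    return (a, b, proto)


def marked_sequences(packets, first_k=4):
    """Map each flow to [(inter_arrival_s, size_bytes), ...] for its first_k packets.

    Only timing and size are read; payload bytes are never touched, so the
    same extraction works on encrypted traffic.
    """
    flows = defaultdict(list)
    for ts, src, sport, dst, dport, proto, size in sorted(packets):
        flows[flow_key(src, sport, dst, dport, proto)].append((ts, size))

    sequences = {}
    for key, events in flows.items():
        events = events[:first_k]      # early detection: only a flow prefix
        prev_ts = events[0][0]         # first packet gets inter-arrival 0 (assumed convention)
        seq = []
        for ts, size in events:
            seq.append((round(ts - prev_ts, 6), size))  # (time gap, mark)
            prev_ts = ts
        sequences[key] = seq
    return sequences


if __name__ == "__main__":
    for key, seq in marked_sequences(PACKETS).items():
        print(key, seq)
```

Each resulting sequence is what a marked temporal point process consumes: event times expressed as gaps, with packet size attached to every event as its mark.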