To address severe class imbalance among rare attack types in Network Intrusion Detection Systems (NIDS), which degrades detection performance, this paper proposes the Dual-Conditional Batch Normalization Conditional Variational Autoencoder (DCBN-CVAE). It is the first to integrate Conditional Batch Normalization (CBN) into a Conditional Variational Autoencoder (CVAE), enabling dual conditioning on both class labels and latent variables—thereby significantly improving the class specificity and fidelity of generated samples. Evaluated on the NSL-KDD dataset, the method effectively mitigates data imbalance, yielding an average 8.3% improvement in F1-score for rare attack detection—outperforming GAN-based baselines while incurring lower computational overhead. The core contributions are: (i) the novel DCBN-CVAE architecture; and (ii) a lightweight, efficient, and interpretable class-aware generative data augmentation paradigm.

Network Intrusion Detection Systems (NIDS) face challenges due to class imbalance, affecting their ability to detect novel and rare attacks. This paper proposes a Dual-Conditional Batch Normalization Variational Autoencoder ($ ext{C}^{2} ext{BNVAE}$) for generating balanced and labeled network traffic data. $ ext{C}^{2} ext{BNVAE}$ improves the model's adaptability to different data categories and generates realistic category-specific data by incorporating Conditional Batch Normalization (CBN) into the Conditional Variational Autoencoder (CVAE). Experiments on the NSL-KDD dataset show the potential of $ ext{C}^{2} ext{BNVAE}$ in addressing imbalance and improving NIDS performance with lower computational overhead compared to some baselines.