Advertisement

Anomaly-based intrusion detection system using multi-objective grey wolf optimisation algorithm

  • Taief Alaa Alamiedy
  • Mohammed AnbarEmail author
  • Zakaria N. M. Alqattan
  • Qusay M. Alzubi
Original Research
  • 13 Downloads

Abstract

The rapid development of information technology leads to increasing the number of devices connected to the Internet. Besides, the amount of network attacks also increased. Accordingly, there is an urgent demand to design a defence system proficient in discovering new kinds of attacks. One of the most effective protection systems is intrusion detection system (IDS). The IDS is an intelligent system that monitors and inspects the network packets to identify the abnormal behavior. In addition, the network packets comprise many attributes and there are many attributes that are irrelevant and repetitive which degrade the performance of the IDS system and overwhelm the system resources. A feature selection technique helps to reduce the computation time and complexity by selecting the optimum subset of features. In this paper, an enhanced anomaly-based IDS model based on multi-objective grey wolf optimisation (GWO) algorithm was proposed. The GWO algorithm was employed as a feature selection mechanism to identify the most relevant features from the dataset that contribute to high classification accuracy. Furthermore, support vector machine was used to estimate the capability of selected features in predicting the attacks accurately. Moreover, 20% of NSL–KDD dataset was used to demonstrate effectiveness of the proposed approach through different attack scenarios. The experimental result revealed that the proposed approach obtains classification accuracy of (93.64%, 91.01%, 57.72%, 53.7%) for DoS, Probe, R2L, and U2R attack respectively. Finally, the proposed approach was compared with other existing approaches and achieves significant result.

Keywords

Intrusion detection system Feature selection Multi-objective optimisation Swarm intelligence Grey wolf algorithm Support vector machine Classification 

Notes

References

  1. Acharya N, Singh S (2018) An IWD-based feature selection method for intrusion detection system. Soft Comput 22:4407–4416.  https://doi.org/10.1007/s00500-017-2635-2 CrossRefGoogle Scholar
  2. Alamiedy TA, Anbar M, Al-Ani AK et al (2019) Review on feature selection algorithms for anomaly-based intrusion detection system. Adv Intell Syst Comput 843:605–619.  https://doi.org/10.1007/978-3-319-99007-1_57 CrossRefGoogle Scholar
  3. Alomari O, Othman ZA (2012) Bees algorithm for feature selection in network anomaly detection β-Hill climbing for optimization problems view project feature selection on high-dimensional data view project. Artic J Appl Sci Res 8:1748–1756Google Scholar
  4. Alzubi QM, Anbar M, Alqattan ZNM et al (2019) Intrusion detection system based on a modified binary grey wolf optimisation. Neural Comput Appl 1:1–13.  https://doi.org/10.1007/s00521-019-04103-1
  5. Çavuşoğlu Ü (2019) A new hybrid approach for intrusion detection using machine learning methods. Appl Intell 49:2735–2761.  https://doi.org/10.1007/s10489-018-01408-x CrossRefGoogle Scholar
  6. Cortes C (1995) Support|[ndash]|vector networks. Mach Learn 20:273–297.  https://doi.org/10.1023/A:1022627411411 CrossRefzbMATHGoogle Scholar
  7. Dastanpour A, Ibrahim S, Mashinchi R (2014) Using genetic algorithm to supporting artificial neural network for intrusion detection system. J Commun Comput 11:1–13Google Scholar
  8. Devi EMR, Suganthe RC (2017) Feature selection in intrusion detection grey wolf optimizer. Asian J Res Soc Sci Humanit 7:671.  https://doi.org/10.5958/2249-7315.2017.00197.6 CrossRefGoogle Scholar
  9. Dhanabal L, Shantharajah DSP (2015) A Study On NSL–KDD dataset for intrusion detection system based on classification algorithms. Int J Adv Res Comput Commun Eng 4:446–452.  https://doi.org/10.17148/IJARCCE.2015.4696 CrossRefGoogle Scholar
  10. Emary E, Zawbaa HM (2016) Impact of chaos functions on modern swarm optimizers. PLoS One 11:1–26.  https://doi.org/10.1371/journal.pone.0158738 CrossRefGoogle Scholar
  11. Emary E, Zawbaa HM, Grosan C, Hassenian AE (2015) Feature subset selection approach by gray-wolf optimization. In: Afro-European Conference for Industrial Advancement. Springer, Cham, pp 1–13Google Scholar
  12. Emary E, Zawbaa HM, Hassanien AE (2016) Binary grey wolf optimization approaches for feature selection. Neurocomputing 172:371–381.  https://doi.org/10.1016/j.neucom.2015.06.083 CrossRefGoogle Scholar
  13. Emary E, Zawbaa HM, Hassanien AE, Parv B (2017) Multi-objective retinal vessel localization using flower pollination search algorithm with pattern search. Adv Data Anal Classif 11:611–627.  https://doi.org/10.1007/s11634-016-0257-7 MathSciNetCrossRefzbMATHGoogle Scholar
  14. Emary E, Zawbaa HM, Grosan C (2018) Experienced gray wolf optimization through reinforcement learning and neural networks. IEEE Trans Neural Networks Learn Syst 29:681–694.  https://doi.org/10.1109/TNNLS.2016.2634548 MathSciNetCrossRefGoogle Scholar
  15. Garg S, Kaur K, Kumar N et al (2019) A hybrid deep learning-based model for anomaly detection in cloud datacenter networks. IEEE Trans Netw Serv Manag 16:924–935.  https://doi.org/10.1109/tnsm.2019.2927886 CrossRefGoogle Scholar
  16. Ghanem WAHM, Jantan A (2016) Novel multi-objective artificial bee colony optimization for wrapper based feature selection in intruction detectoin. Int J Adv Soft Comput its Appl 8:70–81Google Scholar
  17. Gholipour Goodarzi B, Jazayeri H, Fateri S et al (2014) Intrusion detection system in computer network using hybrid algorithms (SVM and ABC). J Adv Comput Res 5:43–52Google Scholar
  18. Gu Q, Li X, Jiang S (2019) Hybrid genetic grey wolf algorithm for large-scale global optimization. Complexity 2019:2653512.  https://doi.org/10.1155/2019/2653512 Google Scholar
  19. Kim DS, Nguyen H-N, Ohn S-Y, Park JS (2010) Fusions of GA and SVM for anomaly detection in intrusion detection system. In: International Symposium on Neural Networks. pp 415–420CrossRefGoogle Scholar
  20. Kiran MS (2015) The continuous artificial bee colony algorithm for binary optimization. Appl Soft Comput J 33:15–23.  https://doi.org/10.1016/j.asoc.2015.04.007 CrossRefGoogle Scholar
  21. Kumar S, Joshi RC (2011) Design and implementation of IDS using snort, entropy and alert ranking system. In: 2011—international conference on signal processing, communication, computing and networking technologies, ICSCCN-2011. pp 264–268Google Scholar
  22. Kumar V, Prakash Sangwan O (2012) Signature based intrusion detection system using SNORT. Int J Comput Appl Inf Technol I, Issue III 1:2278–7720Google Scholar
  23. Kumari B, Swarnkar T (2011) Filter versus wrapper feature subset selection in large dimensionality microarray: a review. Int J Comput Sci Inf Technol 2:1048–1053Google Scholar
  24. Liao HJ, Richard Lin CH, Lin YC, Tung KY (2013) Intrusion detection system: a comprehensive review. J Netw Comput Appl 36:16–24.  https://doi.org/10.1016/j.jnca.2012.09.004 CrossRefGoogle Scholar
  25. Liu R, Rallo R, Cohen Y (2011) Unsupervised feature selection using incremental least squares. Int J Inf Technol Decis Mak 10:967–987.  https://doi.org/10.1142/s0219622011004671 CrossRefGoogle Scholar
  26. Lotfi Shahreza M, Moazzami D, Moshiri B, Delavar MR (2011) Anomaly detection using a self-organizing map and particle swarm optimization. Sci Iran 18:1460–1468.  https://doi.org/10.1016/j.scient.2011.08.025 CrossRefGoogle Scholar
  27. Lu C, Gao L, Li X, Xiao S (2017) A hybrid multi-objective grey wolf optimizer for dynamic scheduling in a real-world welding industry. Eng Appl Artif Intell 57:61–79CrossRefGoogle Scholar
  28. Makhadmeh SN, Khader AT, Al-Betar MA, Naim S (2018) Multi-objective power scheduling problem in smart homes using grey wolf optimiser. J Ambient Intell Humaniz Comput.  https://doi.org/10.1007/s12652-018-1085-8 CrossRefGoogle Scholar
  29. Mirjalili S (2014) Grey wolf optimizer MATLAB code. Adv Eng Softw 69:46–61CrossRefGoogle Scholar
  30. Negandhi P, Trivedi Y, Mangrulkar R (2019) Intrusion detection system using random forest on the NSL–KDD dataset. Emerging research in computing. Information communication and applications. Springer, Berlin, pp 519–531CrossRefGoogle Scholar
  31. Özgür A, Erdem H (2017) The impact of using large training data set KDD99 on classification accuracy. PeerJ Prepr 5:e2838v1Google Scholar
  32. Rani MS, Xavier SB (2015) A hybrid intrusion detection system based on C5. 0 decision tree and one-class SVM [J]. Int J Curr Eng Technol 5:2001–2007Google Scholar
  33. Roopa Devi EM, Suganthe RC (2018) Enhanced transductive support vector machine classification with grey wolf optimizer cuckoo search optimization for intrusion detection system. Concurr Comput 1–11.  https://doi.org/10.1002/cpe.4999
  34. Seth JK, Chandra S (2016) Intrusion detection based on key feature selection using binary GWO. In: 2016 3rd international conference on computing for sustainable global development (INDIACom). pp 3735–3740Google Scholar
  35. Shah B, Trivedi BH (2013) Data set normalization: for anomaly detection using back propagation neural network. In: IEEE-international conference on research and development prospectus on engineering and technology (ICRDPET)Google Scholar
  36. Shen J, Wang J (2011) Network intrusion detection by artificial immune system. In: IECON proceedings (industrial electronics conference). pp 4716–4720Google Scholar
  37. Srivastava D, Singh R, Singh V (2019a) An intelligent gray wolf optimizer: a nature inspired technique in intrusion detection system (IDS). J Adv Robot 6:18–24Google Scholar
  38. Srivastava D, Singh R, Singh V et al (2019b) Analysis of different hybrid methods for intrusion detection system. 757–764CrossRefGoogle Scholar
  39. Tavallaee M, Bagheri E, Lu W, Ghorbani AA (2009) A detailed analysis of the KDD CUP 99 data set. In: 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications. IEEE, pp 1–6Google Scholar
  40. Tribak H, Delgado-Márquez BL, Rojas P et al (2012) Statistical analysis of different artificial intelligent techniques applied to intrusion detection system. In: Proceedings of 2012 international conference on multimedia computing and systems, ICMCS 2012. pp 434–440Google Scholar
  41. Velliangiri S (2019) A hybrid BGWO with KPCA for intrusion detection. J Exp Theor Artif Intell 00:1–16.  https://doi.org/10.1080/0952813x.2019.1647558 CrossRefGoogle Scholar
  42. Vithalpura JS, Diwanji HM (2015) Analysis of fitness function in designing genetic algorithm based intrusion detection system. J Sci Res Dev 3:86–92Google Scholar
  43. Wolf L, Shashua A (2005) Feature selection for unsupervised and supervised inference: the emergence of sparsity in a weighted-based approach. J Mach Learn Res 6:378–384.  https://doi.org/10.1109/iccv.2003.1238369 CrossRefzbMATHGoogle Scholar
  44. Xingzhu W (2015) ACO and SVM selection feature weighting of network intrusion detection method. Int J Secur its Appl 9:259–270.  https://doi.org/10.14257/ijsia.2015.9.4.24 CrossRefGoogle Scholar
  45. Xu H, Liu X, Su J (2017) An improved grey Wolf optimizer algorithm integrated with cuckoo search. In: Proceedings of the 2017 IEEE 9th international conference on intelligent data acquisition and advanced computing systems: technology and applications, IDAACS 2017. pp 490–493Google Scholar
  46. Zawbaa HM, Emary E, Grosan C, Snasel V (2018) Large-dimensionality small-instance set feature selection: a hybrid bio-inspired heuristic approach. Swarm Evol Comput 42:29–42.  https://doi.org/10.1016/j.swevo.2018.02.021 CrossRefGoogle Scholar

Copyright information

© Springer-Verlag GmbH Germany, part of Springer Nature 2019

Authors and Affiliations

  1. 1.National Advanced IPv6 Centre of Excellence (NAv6)Universiti Sains MalaysiaPenangMalaysia

Personalised recommendations