An adaptive nonlinear whale optimization multi-layer perceptron cyber intrusion detection framework

  • Original Article
  • International Journal of Machine Learning and Cybernetics

Abstract

The increasing prevalence of cyber threats has created a critical need for robust defense against such incidents. Many Cyber Intrusion Detection Systems (CIDSs) utilizing machine learning have been developed for this purpose. Although these recent CIDSs can analyze vast amounts of data and identify malicious activities, challenges remain to be tackled to enhance their effectiveness. One of these challenges is the exponential growth of the search space, which makes finding an optimal solution computationally infeasible for large datasets. Furthermore, the weight space explored while searching for optimal weights is highly nonlinear. Motivated by the observed characteristics, complexities, and challenges in the field, this paper presents an innovative CIDS named ANWO-MLP (Adaptive Nonlinear Whale Optimization Multi-layer Perceptron). A novel feature selection method called ANWO-FS (Adaptive Nonlinear Whale Optimization-Feature Selection) is employed in the proposed CIDS to identify the most predictive features, enabling robust MLP training even in highly nonlinear weight spaces. The insider threat detection process is improved by investigating vital aspects of CIDS, including data processing, initiation, and output handling. We adopt ANWOA (previously proposed by us) to mitigate local stagnation, enable rapid convergence, optimize control parameters, and handle multiple objectives by initializing the weight vector in the ANWO-MLP training with minimal mean square error. Experiments conducted on three highly imbalanced datasets demonstrate an average efficacy rate of 98.33%. The detailed results show the robustness, stability, and efficiency of the proposed ANWO-MLP compared to existing approaches.

Data availability

All data generated or analyzed during this study are included in this published article.

Abbreviations

  • P(1): The population initialization
  • \(p_c\): Probability variable (a random number in [0, 1])
  • \(f_{circle_p}\): Circle map function
  • \(f_{tent_p}\): Tent map function
  • \(H_p\): A random number between 0 and 1
  • \(t\): The current iteration
  • \(\vec{Z}\): The position vector
  • \({\vec{Z}}^*\): The position vector of the best solution
  • \(\vec{Z}(t+1)\): The updated position \(\vec{Z}\) of a whale at the next step \((t+1)\)
  • \(w_a\): The inertia weight coefficient (variable)
  • \(\vec{A},\vec{C}\): Coefficient vectors

Acknowledgements

This study is supported via funding from Prince Sattam Bin Abdulaziz University, Project Number (PSAU/2024/R/1445).

Author information

Contributions

H.E. wrote the introduction and did the literature survey. H.M. did the coding and simulations. W.E. did the analysis. A.E. did the design and structure. All authors reviewed the manuscript.

Corresponding author

Correspondence to Ahmed Elmogy.

Ethics declarations

Conflict of interest

The authors declare no conflict of interest.

About this article

Cite this article

El-Ghaish, H., Miqrish, H., Elmogy, A. et al. An adaptive nonlinear whale optimization multi-layer perceptron cyber intrusion detection framework. Int. J. Mach. Learn. & Cyber. (2024). https://doi.org/10.1007/s13042-024-02193-5

  • DOI: https://doi.org/10.1007/s13042-024-02193-5
