Abstract
The increasing prevalence of cyber threats has created a critical need for robust defenses against such incidents. Many Cyber Intrusion Detection Systems (CIDSs) that use machine learning have been developed for this purpose. Although these recent CIDSs can analyze vast amounts of data and identify malicious activities, challenges remain in enhancing their effectiveness. One of these is the exponential growth of the search space, which makes finding an optimal solution computationally infeasible for large datasets. Furthermore, the weight space searched for optimal weights is highly nonlinear. Motivated by these characteristics, complexities, and challenges, this paper presents an innovative CIDS named ANWO-MLP (Adaptive Nonlinear Whale Optimization Multi-layer Perceptron). A novel feature selection method called ANWO-FS (Adaptive Nonlinear Whale Optimization-Feature Selection) is employed in the proposed CIDS to identify the most predictive features, enabling robust MLP training even in highly nonlinear weight spaces. The insider threat detection process is improved by investigating vital aspects of CIDS, including data processing, initiation, and output handling. We adopt ANWOA (previously proposed by us) to mitigate local stagnation, enable rapid convergence, optimize control parameters, and handle multiple objectives by initializing the weight vector in the ANWO-MLP training with minimal mean square error. Experiments conducted on three highly imbalanced datasets demonstrate an average efficacy rate of 98.33%. The detailed results show the robustness, stability, and efficiency of the proposed ANWO-MLP compared to existing approaches.
Data availability
All data generated or analyzed during this study are included in this published article.
Abbreviations
- P(1): The population initialization
- \(p_c\): Probability variable (a random number in [0, 1])
- \(f_{circle_p}\): Circle map function
- \(f_{tent_p}\): Tent map function
- \(H_p\): A random number between 0 and 1
- t: The current iteration
- \(\vec{Z}\): The position vector
- \({\vec{Z}}^*\): The position vector of the best solution
- \(\vec{Z}(t+1)\): The updated position \(\vec{Z}\) of a whale at the next step (t + 1)
- \(w_a\): The inertia weight coefficient (variable)
- \(\vec{A},\vec{C}\): Coefficient vectors
Acknowledgements
This study is supported by funding from Prince Sattam Bin Abdulaziz University, Project Number (PSAU/2024/R/1445).
Author information
Contributions
H.E. wrote the introduction and did the literature survey. H.M. did the coding and simulations. W.E. did the analysis. A.E. did the design and structure. All authors reviewed the manuscript.
Ethics declarations
Conflict of interest
The authors declare no conflict of interest.
About this article
Cite this article
El-Ghaish, H., Miqrish, H., Elmogy, A. et al. An adaptive nonlinear whale optimization multi-layer perceptron cyber intrusion detection framework. Int. J. Mach. Learn. & Cyber. (2024). https://doi.org/10.1007/s13042-024-02193-5
DOI: https://doi.org/10.1007/s13042-024-02193-5