Network Anomaly Detection Using Artificial Neural Networks Optimised with PSO-DE Hybrid

  • K. RitheshEmail author
  • Adwaith V. Gautham
  • K. Chandra Sekaran
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 969)


Anomaly Detection is an important field of research in the present age of ubiquitous computing. Increased importance in Network Monitoring and Security due to the growing Internet is the driving force for coming up with new techniques for detecting anomalies in network behaviour. In this paper, Artificial Neural Network (ANN) model optimised with a hybrid of Particle Swarm Optimiser (PSO) and Differential Evolution (DE) is proposed to monitor the behaviour of the network and detect any anomaly in it. We have considered two subsets of 2000 and 10000 dataset size of the NSL KDD dataset for training and testing our model and the results from this model is compared with the traditional ANN-PSO algorithm, and one of the existing variants of PSO-DE algorithm. The performance measures used for the analysis of results are the training time, precision, recall and f1-score.


Network traffic Stream data analysis Anomaly-based NIDS Neural network Swarm optimiser Differential Evolution 


  1. 1.
    Yang, H., Xie, F., Lu, F.: Research on network anomaly detection based on clustering and classifier. In: 2006 International Conference on Computational Intelligence and Security, Guangzhou, pp. 592–597 (2006)Google Scholar
  2. 2.
    Common Types of Network Attacks - Microsoft DocsGoogle Scholar
  3. 3.
    Holm, H.: Signature based intrusion detection for zero-day attacks. In: 2014 47th Hawaii International Conference on System Sciences, Waikoloa, HI, pp. 4895–4904 (2014)Google Scholar
  4. 4.
    Zhang, W., Yang, Q., Geng, Y.: A survey of anomaly detection methods in networks. In: 2009 International Symposium on Computer Network and Multimedia Technology, Wuhan, pp. 1–3 (2009)Google Scholar
  5. 5.
    Andropov, S., Guirik, A., Budko, M., Budko, M.: Network anomaly detection using artificial neural networks. In: 2017 20th Conference of Open Innovations Association (FRUCT), St. Petersburg (2017)Google Scholar
  6. 6.
    Almansob, S.M., Lomte, S.S.: Addressing challenges for intrusion detection system using naive Bayes and PCA algorithm. In: 2017 2nd International Conference for Convergence in Technology (I2CT), Mumbai, pp. 565–568 (2017)Google Scholar
  7. 7.
    Mabu, S., Chen, C., Lu, N., Shimada, K., Hirasawa, K.: An intrusion-detection model based on fuzzy class-association-rule mining using genetic network programming. IEEE Trans. Syst. Man Cybern. Part C (Appl. Rev.) 41(1), 130–139 (2011)CrossRefGoogle Scholar
  8. 8.
    Kevric, J., Jukic, S., Subasi, S.: An effective combining classifier approach using tree algorithms for network intrusion detection. Neural Comput. Appl., 1–8 (2016)Google Scholar
  9. 9.
    Lei, Y.: Network anomaly traffic detection algorithm based on SVM. In: 2017 International Conference on Robots & Intelligent System (ICRIS), Huai’an, pp. 217–220 (2017).
  10. 10.
    Thakong, M., Wongthanavasu, S.: Packet header anomaly detection using bayesian belief network. ECTI Trans. Comput. Inf. Technol. 3(1), 26–30 (2007)Google Scholar
  11. 11.
    Li, W., Duan, M., Chen, Y.: Network anomaly detection based on MRMHC-SVM algorithm. In: 2008 IEEE International Multitopic Conference, Karachi, pp. 307–312 (2008)Google Scholar
  12. 12.
    Al-Janabi, S.T.F., Saeed, H.A.: A neural network based anomaly intrusion detection system. In: 2011 Developments in E-systems Engineering, Dubai, pp. 221–226 (2011)Google Scholar
  13. 13.
    Su, M.-Y.: Real-time anomaly detection systems for Denial-of-Service attacks by weighted k-nearest-neighbor classifiers. Expert Syst. Appl. 38(4), 3492–3498 (2011)CrossRefGoogle Scholar
  14. 14.
    Singh, S., Silakari, S.: An ensemble approach for feature selection of Cyber Attack Dataset. Int. J. Comput. Sci. Inf. Secur. P12-(IJCSIS), 6(2), 297–302 (2009)Google Scholar
  15. 15.
    Peddabachigari, S., Abraham, A., Grosan, C., Thomas, J.: Modeling intrusion detection system using hybrid intelligent systems. J. Netw. Comput. Appl 30(1), 114–132 (2007)CrossRefGoogle Scholar
  16. 16.
    Lin, W.-C., Ke, S.-W., Tsai, C.-F.: CANN: an intrusion detection system based on combining cluster centers and nearest neighbors. Knowl. Based Syst. 78, 13–21 (2015)CrossRefGoogle Scholar
  17. 17.
    Li, H.: Research and Implementation of an anomaly detection model based on clustering analysis. In: 2010 International Symposium on Intelligence Information Processing and Trusted Computing, Huanggang, pp. 458–462 (2010)Google Scholar
  18. 18.
    Leon, E., Nasraoui, O., Gomez, J.: Anomaly detection based on unsupervised niche clustering with application to network intrusion detection. In: Proceedings of the 2004 Congress on Evolutionary Computation (IEEE Cat. No.04TH8753), vol. 1, pp. 502–508 (2004)Google Scholar
  19. 19.
    Jidiga, G.R., Sammulal, P.: Anomaly detection using machine learning with a case study. In: 2014 IEEE International Conference on Advanced Communications, Control and Computing Technologies, Ramanathapuram, pp. 1060–1065 (2014)Google Scholar
  20. 20.
    Callegari, C., Giordano, S., Pagano, M.: Neural network based anomaly detection. In: 2014 IEEE 19th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD), Athens, pp. 310–314 (2014)Google Scholar
  21. 21.
    Han, S.-J., Cho, S.-B.: Evolutionary neural networks for anomaly detection based on the behavior of a program. IEEE Trans. Syst. Man Cybern. Part B (Cybern.) 36(3), 559–570 (2005)MathSciNetCrossRefGoogle Scholar
  22. 22.
    Lima, M.F., Sampaio, L.D.H., Zarpelao, B.B., Rodrigues, J.J.P.C., Abrao, T., Proenca Jr., M.L.: Networking anomaly detection using DSNs and particle swarm optimization with re-clustering. In: 2010 IEEE Global Telecommunications Conference GLOBECOM 2010, Miami, FL, pp. 1–6 (2010)Google Scholar
  23. 23.
    Kennedy, J., Eberhart, R.: Particle swarm optimization. In: Proceedings of the IEEE International Conference on Neural Networks, Perth, WA, vol. 4, pp. 1942–1948 (1995)Google Scholar
  24. 24.
    Koohi, I., Groza, V.Z.: Optimizing particle swarm optimization algorithm. In: 2014 IEEE 27th Canadian Conference on Electrical and Computer Engineering (CCECE), Toronto, ON, pp. 1–5 (2014)Google Scholar
  25. 25.
    Koehrsen, W.: “Beyond Accuracy: Precision and Recall” - Towards Data ScienceGoogle Scholar
  26. 26.
    Storn, R., Price, K.: Differential Evolution-a Simple and Efficient Adaptive Scheme for Global Optimization Over Continuous Spaces. ICSI Berkeley, Berkeley (1995)Google Scholar
  27. 27.
    Lin, Y.-C., Hwang, K.-S., Wang, F.-S.: Co-evolutionary hybrid differential evolution for mixed-integer optimization problems. Eng. Optim. 33(6), 663–682 (2001)CrossRefGoogle Scholar
  28. 28.
    Storn, R.: On the usage of differential evolution for function optimization. In: NAFIPS 1996 Biennial Conference of the North American Fuzzy Information Processing Society, pp. 519–523. IEEE (1996)Google Scholar
  29. 29.
    Elsayed, S., Sarker, R., Slay, J.: Evaluating the performance of a differential evolution algorithm in anomaly detection. In: 2015 IEEE Congress on Evolutionary Computation (CEC), Sendai, pp. 2490–2497 (2015)Google Scholar
  30. 30.
    Teekeng, W., Unkaw, P.: A new hybrid model of PSO and DE algorithm for data classification. In: 2017 18th IEEE/ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD), Kanazawa, pp. 47–51 (2017)Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2019

Authors and Affiliations

  • K. Rithesh
    • 1
    Email author
  • Adwaith V. Gautham
    • 1
  • K. Chandra Sekaran
    • 1
  1. 1.Department of Computer Science and EngineeringNational Institute of Technology Karnataka SurathkalMangaloreIndia

Personalised recommendations