Abstract
Intrusion Detection Systems (IDSs) are currently a primary research area in cybersecurity. They are programs or methods designed to monitor and analyze network traffic in order to identify suspicious patterns or attacks. MSNM (Multivariate Statistical Network Monitoring) is a state-of-the-art algorithm capable of detecting various security threats in real network traffic data with high performance. However, semi-supervised MSNM relies heavily on a set of weights, whose values are usually determined using a relatively simple optimization algorithm. This work proposes the application of various Evolutionary Algorithm (EA) approaches to optimize this set of variables and improve the performance of MSNM against four types of attacks, using the UGR’16 dataset, which includes real network traffic flows. Furthermore, we analyzed the performance of a Particle Swarm Optimization approach and a Simulated Annealing algorithm, as a baseline. The results obtained are very promising and show that EAs are a great tool for enhancing the performance of this IDS.
Notes
1. Indeed, it is the semi-MSNM optimized by these algorithms that cannot detect these attacks.
Acknowledgements
This work has been partially funded by projects PID2020-113462RB-I00, PID2020-115570GB-C22 and PID2020-115570GB-C21 granted by Ministerio Español de Economía y Competitividad; project TED2021-129938B-I0, granted by Ministerio Español de Ciencia e Innovación; as well as project A-TIC-608-UGR20 granted by Junta de Andalucía.
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Mora, A., Arenas, M., Romero-Horno, A., Camacho-Páez, J., Castillo, P. (2023). Optimizing an IDS (Intrusion Detection System) by Means of Advanced Metaheuristics. In: Rojas, I., Joya, G., Catala, A. (eds) Advances in Computational Intelligence. IWANN 2023. Lecture Notes in Computer Science, vol 14134. Springer, Cham. https://doi.org/10.1007/978-3-031-43085-5_5
DOI: https://doi.org/10.1007/978-3-031-43085-5_5
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-43084-8
Online ISBN: 978-3-031-43085-5
eBook Packages: Computer Science (R0)