Enhanced IDS Using BBA and SMOTE-ENN for Imbalanced Data for Cybersecurity

  • Original Research
  • SN Computer Science

Abstract

The growing importance of the internet has intensified the risks to network systems, necessitating enhanced security measures. Intrusion Detection Systems (IDS) play a crucial role in protecting against hostile activity, ensuring the integrity of data, and maintaining business continuity. By utilizing machine learning, contemporary IDSs provide instantaneous monitoring and efficient avoidance of potential threats. This article presents an IDS that uses a machine learning framework to identify attacks in the UNSW-NB15 and NSL-KDD datasets. Data preprocessing involves handling missing values and applying standard scaler normalization to achieve uniform feature scaling. The Binary Bat Algorithm (BBA) improves model efficacy through feature extraction. By creating artificial samples, SMOTE-ENN addresses class imbalances and enhances the model's ability to make accurate predictions across different classes. The attacks are classified using a Random Forest (RF) model, which achieves an accuracy of 97.3% while reducing the time required for training. The results highlight the exceptional performance of our IDS in comparison to conventional approaches, providing a potential option for comprehensive intrusion detection in network systems.

Data availability

Some or all data, models, or code that support the findings of this study are available from the corresponding author upon reasonable request.

Author information

Contributions

Neha Pramanick: formal analysis, writing—original draft, data curation, data processing and analysis, original draft preparation and writing. Shourya Srivastava: data curation. Jimson Mathew: reviewing and revising. Mayank Agarwal: research profile design, writing, reviewing, and revising.

Corresponding author

Correspondence to Mayank Agarwal.

Ethics declarations

Conflict of interest

NA.

About this article

Cite this article

Pramanick, N., Srivastava, S., Mathew, J. et al. Enhanced IDS Using BBA and SMOTE-ENN for Imbalanced Data for Cybersecurity. SN COMPUT. SCI. 5, 875 (2024). https://doi.org/10.1007/s42979-024-03229-x

  • DOI: https://doi.org/10.1007/s42979-024-03229-x
