Implementation of adaptive scheme in evolutionary technique for anomaly-based intrusion detection

  • Special Issue
Evolutionary Intelligence

Abstract

Intrusion detection has become important to network security because of the increasing connectivity between computers and the internet. Various Intrusion Detection Systems have been investigated to protect the web or networks using several evolutionary methods and classification techniques. In this study, we propose a new technique, called EFSAGOA, that combines the Ensemble of Feature Selection (EFS) and Adaptive Grasshopper Optimization Algorithm (AGOA) methods and can help to identify the types of attack. In the proposed approach, the EFS method is first applied to rank the attributes and select the high-ranked subset of attributes. Then, AGOA is employed to determine the important attributes from the reduced datasets that can contribute to predicting network traffic behavior. Furthermore, the adaptive behavior of GOA is used to decide whether a record represents an anomaly or not, differing from some approaches found in the literature. AGOA uses the Support Vector Machine (SVM) as a fitness function to choose the highly efficient features and to maximize classification performance. In addition, it is also applied to optimize the penalty factor (C), kernel parameter \((\sigma)\), and tube size \((\epsilon)\) of the SVM classifier. The performance of EFSAGOA has been evaluated on modern intrusion data, ISCX 2012. The experimental results demonstrate that the proposed method performs better and obtains a high detection rate and accuracy and a low false alarm rate compared to other state-of-the-art techniques on the ISCX 2012 data.

Author information

Corresponding author

Correspondence to Alok Kumar Shukla.

Cite this article

Dwivedi, S., Vardhan, M., Tripathi, S. et al. Implementation of adaptive scheme in evolutionary technique for anomaly-based intrusion detection. Evol. Intel. 13, 103–117 (2020). https://doi.org/10.1007/s12065-019-00293-8

  • DOI: https://doi.org/10.1007/s12065-019-00293-8
