A Survey of Swarm Intelligence Based Clustering Models for Anomaly Detection in Network Traffic

Data is always at risk of being compromised in the age of the industrial Internet of Things (IoT) irrespective of the fact that whether it is at rest or in transit. Authentication and encryption are employed in IoT networks but it does not make them immune to Cyber threats. Although there are many data-safety options, not all of them are perfect. In this context, anomaly detection acts as an aid in improving the resistance of the systems to various forms of attacks. In order to achieve it, several data mining algorithms and tools are used to detect and record any unusual network activity. Thus, intrusion detection has become a crucial part of network security as frequency of Cyber-attacks on computers continues to rise. The surge in attacks is due to the exponential growth in the availability and accessibility of the Internet and other forms of digital information dissemination. Nowadays, Intrusion Detection Systems (IDS) are a regular component of almost all security networks. The efficacy of IDS has already seen a number of improvements, mostly due to the use of evolutionary methods. An evolutionary algorithm named Swarm intelligence (SI) has attracted the attention of researchers in the field of intrusion detection because of its successful use in other domains. SI is a new bio-inspired family of technologies that takes cues from the coordinated actions of animal or insect swarms. The combination of SI and data mining has produced lightweight yet robust approaches for detecting Cyber-attacks. The study presented in this paper mainly pursues following objectives; Our first objective in this study is to critically examine existing swarm-based anomaly detection techniques, while also contributing fresh insights to the existing body of literature surrounding anomaly detection research in swarm-based data mining. To achieve this, we conduct a comprehensive review of the existing swarm intelligence-based clustering models utilized for anomaly detection in network traffic. Our analysis illuminates the strengths and weaknesses of these models, notably highlighting their efficacy in pinpointing anomalies within network traffic. Furthermore, we delve into the challenges encountered during the implementation of these swarm intelligence-based clustering models within network traffic anomaly detection scenarios, while concurrently proposing potential solutions to address these issues.