New hybrid method for attack detection using combination of evolutionary algorithms, SVM, and ANN

Abstract Intrusion detection systems (IDS) have been playing an important role for providing security of computer networks. They detect different types of attacks and malicious software usage, which sometimes cannot be identified by firewalls. Based on machine learning algorithms, many IDS have been extended to classify network traffic as normal or abnormal. This paper describes a new hybrid intrusion detection method with two phases - a feature selection phase and an attack detection phase. In the feature selection phase, a wrapper technique, namely MGA-SVM, is used. This technique combines features of support vector machine (SVM) and the genetic algorithm with multi-parent crossover and multi-parent mutation (MGA). In the attack detection phase, an artificial neural network (ANN) is used to detect attacks. For improving its performance, a combination of a hybrid gravitational search (HGS) and a particle swarm optimization (PSO) is used to train the classifier. The proposed hybrid method is thus called MGA-SVM-HGS-PSO-ANN. It's performance is compared with other popular techniques such as Chi-SVM, ANN based on gradient descent (GD-ANN) and decision tree (DT), ANN based on genetic algorithm (GA-ANN), ANN based on combining gravitational search (GS) and PSO (GSPSO-ANN), ANN based on PSO (PSO-ANN), and ANN based on GS (GS-ANN). Using the NSL-KDD dataset as a standard benchmark for attack detection evaluation, the obtained test results show that the proposed MGA-SVM-HGS-PSO-ANN method can attain a maximum detection accuracy of 99.3%, dimension reduction of NSL-KDD from 42 to 4 features, and needs only 3 s as maximum training time.

[1]  Ferat Sahin,et al.  A survey on feature selection methods , 2014, Comput. Electr. Eng..

[2]  Jian Ma,et al.  A new approach to intrusion detection using Artificial Neural Networks and fuzzy clustering , 2010, Expert Syst. Appl..

[3]  Zulaiha Ali Othman,et al.  Features Selection for Intrusion Detection System Based on DNA Encoding , 2019, Intelligent and Interactive Computing.

[4]  Zhong Jin,et al.  A novel SVM by combining kernel principal component analysis and improved chaotic particle swarm optimization for intrusion detection , 2014, Soft Computing.

[5]  Richard A. Kemmerer,et al.  State Transition Analysis: A Rule-Based Intrusion Detection Approach , 1995, IEEE Trans. Software Eng..

[6]  H. R. E. H. Bouchekara,et al.  Optimal power flow using GA with a new multi-parent crossover considering: prohibited zones, valve-point effect, multi-fuels and emission , 2018 .

[7]  Hossam Faris,et al.  An evolutionary gravitational search-based feature selection , 2019, Inf. Sci..

[8]  Hossein Nezamabadi-pour,et al.  GSA: A Gravitational Search Algorithm , 2009, Inf. Sci..

[9]  Risto Miikkulainen,et al.  Intrusion Detection with Neural Networks , 1997, NIPS.

[10]  Ernest Foo,et al.  Improving performance of intrusion detection system using ensemble methods and feature selection , 2018, ACSW.

[11]  Mohammad Javad Golkar,et al.  A hybrid method consisting of GA and SVM for intrusion detection system , 2016, Neural Computing and Applications.

[12]  Ali A. Ghorbani,et al.  A detailed analysis of the KDD CUP 99 data set , 2009, 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications.

[13]  Vassilios Petridis,et al.  Optimal power flow by enhanced genetic algorithm , 2002 .

[14]  Zaiton Muda,et al.  Improving Intrusion Detection Using Genetic Algorithm , 2013 .

[15]  Shadi Aljawarneh,et al.  Anomaly-based intrusion detection system through feature selection analysis and building hybrid efficient model , 2017, J. Comput. Sci..

[16]  Cherukuri Aswani Kumar,et al.  Intrusion detection model using fusion of chi-square feature selection and multi class SVM , 2017, J. King Saud Univ. Comput. Inf. Sci..

[17]  C. A. Kumar,et al.  An analysis of supervised tree based classifiers for intrusion detection system , 2013, 2013 International Conference on Pattern Recognition, Informatics and Mobile Engineering.

[18]  Symeon Papavassiliou,et al.  Network intrusion and fault detection: a statistical anomaly approach , 2002, IEEE Commun. Mag..

[19]  Tirtharaj Dash,et al.  A study on intrusion detection using neural networks trained with evolutionary algorithms , 2017, Soft Comput..

[20]  Hossam Faris,et al.  An efficient binary Salp Swarm Algorithm with crossover scheme for feature selection problems , 2018, Knowl. Based Syst..

[21]  Bhavani M. Thuraisingham,et al.  A new intrusion detection system using support vector machines and hierarchical clustering , 2007, The VLDB Journal.

[22]  Ajith Abraham,et al.  Feature deduction and ensemble design of intrusion detection systems , 2005, Comput. Secur..

[23]  Yinhui Li,et al.  An efficient intrusion detection system based on support vector machines and gradually feature removal method , 2012, Expert Syst. Appl..

[24]  Serhat Duman,et al.  Optimal power flow using gravitational search algorithm , 2012 .

[25]  Siti Zaiton Mohd Hashim,et al.  Training feedforward neural networks using hybrid particle swarm optimization and gravitational search algorithm , 2012, Appl. Math. Comput..

[26]  H. Nezamabadi-pour,et al.  Improving the precision of CBIR systems by feature selection using binary gravitational search algorithm , 2012, The 16th CSI International Symposium on Artificial Intelligence and Signal Processing (AISP 2012).