Abstract
Attacks from network applications pose considerable security threats to computer networks and end users. Existing cyber-attack detection methods are primarily signature-based and cannot recognize zero-day vulnerabilities. In addition, because little real-world network attack data is available, the effectiveness of such approaches is even more limited. In network security today, an Intrusion Detection System (IDS) plays an important role in detecting intrusive activity. To address these challenges, we propose an architectural scheme for IDS based on an evolutionary hybrid algorithm, called TLBOSA, that combines Teaching Learning Based Optimization (TLBO) and Simulated Annealing (SA); it extracts the most notable features and eliminates the irrelevant ones from high-dimensional data sets. In the proposed method, SA is integrated into TLBO and is used to improve the quality of the solution after each iteration of the TLBO algorithm. A Support Vector Machine (SVM) is used as the fitness function to select the relevant attributes that help classify attacks accurately. For performance verification, the proposed method is applied to two large datasets, NSL-KDD and UNSW-NB15. The empirical evaluations show that our approach outperforms existing state-of-the-art algorithms in terms of detection rate, accuracy and false alarm rate on both NSL-KDD and UNSW-NB15 data.
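The loop structure the abstract describes (a TLBO pass followed by an SA refinement of the best feature mask in every iteration, scored by a classifier-based fitness) can be sketched as follows. This is an added example, not the paper's code: the bit-copy binary TLBO variant, the nearest-centroid classifier standing in for the SVM fitness, the constructed data and all parameter values and names (`make_data`, `fitness`, `tlbosa`) are assumptions.

```python
import math, random

def make_data(rng, n=200, d=12, informative=3):
    # Constructed data: the label shifts only the first `informative` features.
    ys = [rng.randint(0, 1) for _ in range(n)]
    rows = [([rng.gauss(1.5 * y * (j < informative), 1.0) for j in range(d)], y) for y in ys]
    return rows[: n // 2], rows[n // 2:]

def fitness(mask, train, val):
    # Assumed stand-in for the SVM fitness: nearest-centroid accuracy minus a size penalty.
    idx = [j for j, bit in enumerate(mask) if bit]
    if not idx:
        return 0.0
    cent = {}
    for c in (0, 1):
        pts = [x for x, y in train if y == c]
        cent[c] = [sum(p[j] for p in pts) / len(pts) for j in idx]
    def pred(x):
        return min((0, 1), key=lambda c: sum((x[j] - m) ** 2 for j, m in zip(idx, cent[c])))
    return sum(pred(x) == y for x, y in val) / len(val) - 0.005 * len(idx)

def tlbosa(train, val, d, rng, pop=10, iters=15, temp=0.05, cool=0.9):
    f = lambda m: fitness(m, train, val)
    mix = lambda a, b: [q if rng.random() < 0.5 else p for p, q in zip(a, b)]
    P = [[rng.randint(0, 1) for _ in range(d)] for _ in range(pop)]
    best = max(P, key=f)[:]
    start = f(best)
    for _ in range(iters):
        teacher = max(P, key=f)[:]
        for i in range(pop):
            cand = mix(P[i], teacher)            # teacher phase: move toward the best learner
            if f(cand) > f(P[i]):
                P[i] = cand
            peer = rng.choice(P)                 # learner phase: learn from a better peer
            cand = mix(P[i], peer)
            if f(peer) > f(P[i]) and f(cand) > f(P[i]):
                P[i] = cand
        cur = best = max(P + [best], key=f)[:]
        for _ in range(d):                       # SA refinement of the best mask so far
            nb = cur[:]
            nb[rng.randrange(d)] ^= 1
            delta = f(nb) - f(cur)
            if delta > 0 or rng.random() < math.exp(delta / temp):
                cur = nb                         # worse moves pass with prob exp(delta/T)
            best = max(best, cur, key=f)[:]
        P[P.index(min(P, key=f))] = best[:]      # put the refined solution back
        temp *= cool
    return best, start, f(best)
```

`tlbosa` returns the selected feature mask together with the best initial and final fitness; on real IDS data the fitness would be computed on a validation split kept separate from the final test set.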
Ethics declarations
Conflicts of interest
The authors declare no conflicts of interest.
Ethical Approval
This study was performed using available datasets. As per my compliance with ethical standards, there were no human or animal participants, and therefore the study did not require ethics approval.
Research Involving Human and Animal Participants
This article does not contain any studies with human participants or animals performed by any of the authors.
About this article
Cite this article
Shukla, A.K. An Efficient Hybrid Evolutionary Approach for Identification of Zero-Day Attacks on Wired/Wireless Network System. Wireless Pers Commun 123, 1–29 (2022). https://doi.org/10.1007/s11277-020-07808-y
DOI: https://doi.org/10.1007/s11277-020-07808-y