A hierarchical intrusion detection system based on extreme learning machine and nature-inspired optimization

• Published in: Computers & security Vol. 124; p. 102957
• Main Authors: Alzaqebah, Abdullah, Aljarah, Ibrahim, Al-Kadi, Omar
• Format: Journal Article
• Language: English
• Published: Elsevier Ltd 01.01.2023
• Subjects: Crossover error rate; Extreme learning machine; Feature extraction; Intrusion detection system; Swarm intelligence; Feature extraction; Swarm intelligence; Extreme learning machine; Crossover error rate; Intrusion detection system
• ISSN: 0167-4048; 1872-6208
• DOI: 10.1016/j.cose.2022.102957

•A bio-inspired meta-heuristic algorithm for efficient detection and classification of multi-stage attacks is developed.•Swarm-based Harris Hawk’s optimizer is extended for rapid convergence and wide search space.•Swarm intelligence is integrated with extreme learning machine for feature and parameter optimization.•Applying on different network intrusion attacks shows improved performance. The surge in cyber-attacks has driven demand for robust Intrusion detection systems (IDSs) to protect underlying data and sustain availability of network services. Detecting and classifying multiple type of attacks requires robust machine learning approaches that can analyze network traffic and take appropriate measures. Traffic data usually consists of redundant, irrelevant, and noisy information, which could have a negative influence on the model performance. In this paper, we propose an improved bio-inspired meta-heuristic algorithm for efficient detection and classification of multi-stage attacks. The proposed model uses a one-versus-all sub-model based technique to deal with the multi-class classification problem. Each sub-model employs an enhanced Harris Hawk optimization with extreme learning machine (ELM) as the base classifier. This hierarchy produces the best subset of features per attack, along with optimized ELMs weights, which can improve the detection rate significantly. The proposed technique was tested against various meta-heuristic algorithms and multi-class classifiers using the UNSWNB-15 dataset. In seven different types of attacks, experimental results outperformed other existing methods in terms of decreasing the crossover-error rate and obtaining the best values for the G-mean measure.