Binary improved white shark algorithm for intrusion detection systems
Intrusion Detection (ID) is an essential task in the cyberattacks domain built to secure Internet applications and networks from malicious actors. The main shortcoming of the current Intrusion Detection Systems (IDSs) is their attack detection performance because the existing solutions fail to detec...
Saved in:
Published in | Neural computing & applications Vol. 35; no. 26; pp. 19427 - 19451 |
---|---|
Main Authors | , , , |
Format | Journal Article |
Language | English |
Published |
London
Springer London
01.09.2023
Springer Nature B.V |
Subjects | |
Online Access | Get full text |
Cover
Loading…
Summary: | Intrusion Detection (ID) is an essential task in the cyberattacks domain built to secure Internet applications and networks from malicious actors. The main shortcoming of the current Intrusion Detection Systems (IDSs) is their attack detection performance because the existing solutions fail to detect the threats efficiently. Therefore, improving the prediction model of the IDS can improve its performance. Several studies suggest improving the Machine Learning (ML)-based IDS prediction models by selecting the most informative features from the security data before utilizing it in the ML-IDS model. Thus, meta-heuristic algorithms such as White Shark Optimizer (WSO) are adapted to deal with such feature selection problems. For the IDS prediction model, in this paper, the WSO algorithm is improved to cope with the binary domain of the feature selection task as follows: Firstly, two transfer functions are used to map the continuous domain into binary. Secondly, the modified K-means algorithm is proposed to assess building the initial population with a high level of diversity. Finally, several crossover operators are utilized to improve the evolution process of the binary WSO. The three improved versions are BIWSO1 which is WSO with transfer functions, BIWSO2, which is BIWSO1 with a modified k-means algorithm, and BIWSO3, which is BIWSO2 with crossover operators. The proposed versions of BIWSO are tested using twelve public real-world IDS and IoT datasets. Comparative evaluations against well-established meta-heuristic algorithms are conducted where the BIWSO3 proves its efficiency in terms of classification accuracy, precision, recall, and F1 measurements. For further validation, statistical evidence using Friedman’s, Wilcoxon’s, and Mann–Whitney U tests has been conducted where BIWSO3 proves its performance at a remarkably significant level. |
---|---|
ISSN: | 0941-0643 1433-3058 |
DOI: | 10.1007/s00521-023-08772-x |