Cybersecurity experts estimate that the cost of cyber-attack damage will rise tremendously. The massive use of the web raises concern over how to transmit electronic information safely. Intruders typically try different attacks to obtain sensitive information. An Intrusion Detection System (IDS) plays a crucial role in identifying data and user deviations in an organization. In this paper, stream data mining is incorporated into an IDS for a specific task: to identify important, hidden information effectively and in less time. The experiment focuses on improving the effectiveness of an IDS using the proposed Stacked Autoencoder Hoeffding Tree (SAE-HT) approach, with Darwinian Particle Swarm Optimization (DPSO) for feature selection. The experiment is performed on the NSL-KDD dataset: the important features are obtained using DPSO, and classification is performed using the proposed SAE-HT technique. The proposed technique achieves an accuracy of 97.7%, higher than all the other state-of-the-art techniques it is compared with. It is observed that the proposed technique increases the accuracy and detection rate, thus reducing the false alarm rate.
Citation: B. Ida Seraphim, E. Poovammal, Kadiyala Ramana, Natalia Kryvinska, N. Penchalaiah. A hybrid network intrusion detection using darwinian particle swarm optimization and stacked autoencoder hoeffding tree[J]. Mathematical Biosciences and Engineering, 2021, 18(6): 8024-8044. doi: 10.3934/mbe.2021398