
An Efficient Hybrid Evolutionary Approach for Identification of Zero-Day Attacks on Wired/Wireless Network System

Wireless Personal Communications

Abstract

Attacks from network applications pose considerable security threats to computer networks and end users. Existing cyber-attack detection methods are primarily signature-based and cannot recognize zero-day vulnerabilities. In addition, because little real-world network attack data is available, the effectiveness of such approaches is even more limited. Today, in network security, an Intrusion Detection System (IDS) plays an important role in detecting intrusive activity. To address these challenges, we propose an architectural scheme for IDS built on an evolutionary hybrid algorithm, called TLBOSA, that combines Teaching-Learning-Based Optimization (TLBO) and Simulated Annealing (SA). TLBOSA extracts the most notable characteristics from high-dimensional data sets and eliminates the irrelevant ones. In the proposed method, SA is integrated into TLBO and is used to increase the quality of the solution after each iteration of the TLBO algorithm. A Support Vector Machine (SVM) is used as the fitness function to select the relevant attributes that can help classify the attacks accurately. For performance verification, the proposed method is applied to two large datasets, NSL-KDD and UNSW-NB15. The empirical evaluations show that our approach outperforms the existing state-of-the-art algorithms in terms of detection rate, accuracy and false alarm rate on both NSL-KDD and UNSW-NB15 data.
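The wrapper loop the abstract describes (TLBO teacher and learner phases, SA refinement of the best feature mask after each iteration, a classifier as fitness) can be sketched as follows. This is an added illustration, not the paper's code. The nearest-centroid classifier standing in for the SVM, the threshold binarization, the SA schedule, the per-feature penalty and the constructed data are all assumptions.

```python
import math, random
def make_data(n=120, informative=3, noise=9, seed=7):
    # Constructed two-class records: only the first `informative` features carry signal.
    rng = random.Random(seed)
    return [([rng.gauss(1.5 * (i % 2), 1.0) for _ in range(informative)] +
             [rng.gauss(0.0, 1.0) for _ in range(noise)], i % 2) for i in range(n)]

def fitness(mask, train, val):
    # Nearest-centroid accuracy (assumed stand-in for the SVM) minus a per-feature cost.
    idx = [i for i, m in enumerate(mask) if m]
    if not idx:
        return 0.0
    cent = [[sum(x[i] for x, y in train if y == c) / sum(y == c for _, y in train)
             for i in idx] for c in (0, 1)]
    dist = lambda x, c: sum((x[i] - m) ** 2 for i, m in zip(idx, cent[c]))
    acc = sum((dist(x, 1) < dist(x, 0)) == bool(y) for x, y in val) / len(val)
    return acc - 0.01 * len(idx)
binarize = lambda v: [1 if x > 0.5 else 0 for x in v]  # assumed threshold binarization

def tlbosa(train, val, pop=8, iters=10, temp=0.05, cool=0.9, seed=1):
    rng, d = random.Random(seed), len(train[0][0])
    fit = lambda m: fitness(m, train, val)
    P = [[1] * d] + [[rng.randint(0, 1) for _ in range(d)] for _ in range(pop - 1)]
    best = max(P, key=fit)
    for _ in range(iters):
        teacher = max(P, key=fit)
        mean = [sum(col) / pop for col in zip(*P)]
        for k in range(pop):
            tf = rng.randint(1, 2)                    # teaching factor
            cand = binarize([x + rng.random() * (t - tf * m)
                             for x, t, m in zip(P[k], teacher, mean)])
            if fit(cand) > fit(P[k]):                 # teacher phase
                P[k] = cand
            peer = P[rng.randrange(pop)]
            sign = 1 if fit(P[k]) >= fit(peer) else -1
            cand = binarize([x + sign * rng.random() * (x - p) for x, p in zip(P[k], peer)])
            if fit(cand) > fit(P[k]):                 # learner phase
                P[k] = cand
        cur = max(P, key=fit)                         # SA refines this iteration's best
        for _ in range(d):
            nb = cur[:]
            nb[rng.randrange(d)] ^= 1                 # neighbour: flip one feature bit
            delta = fit(nb) - fit(cur)
            if delta > 0 or rng.random() < math.exp(delta / temp):
                cur = nb
            best = max(best, cur, key=fit)
        P[P.index(min(P, key=fit))] = best[:]         # reinject best into population
        temp *= cool
    return best, fit(best)
```

Because the all-features mask seeds the population and the best mask is tracked across SA moves, the returned score never falls below the all-features baseline on the validation split.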



Author information

Corresponding author

Correspondence to Alok Kumar Shukla.

Ethics declarations

Conflicts of interest

The authors declare no conflicts of interest.

Ethical Approval

This study was performed using available datasets; as per my compliance with ethical standards, there were no human or animal participants, and therefore the study did not require ethics approval.

Research Involving Human and Animal Participants

This article does not contain any studies with human participants or animals performed by any of the authors.


About this article


Cite this article

Shukla, A.K. An Efficient Hybrid Evolutionary Approach for Identification of Zero-Day Attacks on Wired/Wireless Network System. Wireless Pers Commun 123, 1–29 (2022). https://doi.org/10.1007/s11277-020-07808-y


  • DOI: https://doi.org/10.1007/s11277-020-07808-y
