
Building an efficient intrusion detection system using grasshopper optimization algorithm for anomaly detection

Cluster Computing

Abstract

Intrusion detection is one of the most crucial activities for security infrastructures in network environments, and it is widely used to detect, identify and track malicious threats. A common approach in intrusion detection systems (IDSs), specifically in anomaly detection, is to use an evolutionary algorithm as the intrusion detector. Still, designing a precise and reliable IDS remains challenging because of the large volume of network data, which contains redundant and irrelevant features. This not only hampers the classification process but also prevents a classifier from making precise decisions. To increase accuracy and reduce the false alarm rate, this study develops EFSGOA, an integration of ensemble feature selection (EFS) and the grasshopper optimization algorithm (GOA). First, the EFS method ranks the features and selects the top subset of relevant ones. Next, GOA identifies, within the reduced feature set produced by EFS, the significant features that help determine the type of attack. Furthermore, GOA uses a support vector machine (SVM) as the fitness function to obtain the noteworthy features and to optimize the penalty factor, kernel parameter, and tube size parameters of the SVM, maximizing classification performance. The experimental results demonstrate that the EFSGOA method performs better, obtaining a high detection rate of 99.69%, an accuracy of 99.98% and a low false alarm rate of 0.07 on NSL-KDD, and a high detection rate of 99.26%, an accuracy of 99.89% and a low false alarm rate of 0.097 on KDD Cup 99 data. Moreover, the proposed method achieves higher performance than other state-of-the-art techniques in terms of accuracy, detection rate, false alarm rate, and CPU time.
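The wrapper stage described in the abstract (GOA searching a reduced feature set, scored by a classifier) can be sketched as follows; this is an added example, not the authors' code. Assumptions: the data are constructed, a nearest-centroid classifier stands in for the SVM, the GOA update is a simplified form with illustrative constants, and the EFS ranking and SVM parameter tuning are left out.

```python
import math, random

def make_data(n=200, seed=7):
    """Constructed records: features 0 and 1 separate the classes, 2..5 are noise."""
    rng = random.Random(seed)
    rows = []
    for i in range(n):
        y = i % 2                                    # 0 = normal, 1 = attack
        x = [rng.gauss(2.0 * y, 1.0), rng.gauss(-2.0 * y, 1.0)] + [rng.gauss(0.0, 1.0) for _ in range(4)]
        rows.append((x, y))
    return rows

def fitness(mask, train, val):
    """Validation accuracy of a nearest-centroid classifier (stand-in for the SVM)."""
    idx = [d for d, keep in enumerate(mask) if keep]
    if not idx:
        return 0.0                                   # an empty feature set is useless
    n = {c: sum(y == c for _, y in train) for c in (0, 1)}
    cent = {c: [sum(x[d] for x, y in train if y == c) / n[c] for d in idx] for c in (0, 1)}
    def predict(x):
        return min((0, 1), key=lambda c: sum((x[d] - m) ** 2 for d, m in zip(idx, cent[c])))
    return sum(predict(x) == y for x, y in val) / len(val)

def goa_select(train, val, dims=6, agents=8, iters=30, seed=1):
    """Simplified GOA over [0,1]^dims; a coordinate above 0.5 keeps that feature."""
    rng = random.Random(seed)
    s = lambda r: 0.5 * math.exp(-r / 1.5) - math.exp(-r)    # social interaction force
    score = lambda p: fitness([v > 0.5 for v in p], train, val)
    pos = [[rng.random() for _ in range(dims)] for _ in range(agents)]
    best = max(pos, key=score)[:]
    best_fit = score(best)
    for t in range(iters):
        c = 1.0 - t * (1.0 - 1e-4) / iters           # coefficient shrinks: explore, then exploit
        new = []
        for i, xi in enumerate(pos):
            step = [0.0] * dims
            for xj in pos[:i] + pos[i + 1:]:         # interaction with every other agent
                dist = math.dist(xi, xj) or 1e-12    # avoid division by zero
                for d in range(dims):
                    step[d] += c * 0.5 * s(abs(xj[d] - xi[d])) * (xj[d] - xi[d]) / dist
            new.append([min(1.0, max(0.0, c * step[d] + best[d])) for d in range(dims)])
        pos = new
        cand = max(pos, key=score)
        if score(cand) > best_fit:                   # keep the best mask seen so far
            best, best_fit = cand[:], score(cand)
    return [v > 0.5 for v in best], best_fit

if __name__ == "__main__":
    rows = make_data()
    print(goa_select(rows[:100], rows[100:]))
```

The fitness here is measured on the same split that drives the search, so a final detection rate or false alarm rate should be reported on a third, untouched split.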



Author information

Corresponding author

Correspondence to Shubhra Dwivedi.


About this article


Cite this article

Dwivedi, S., Vardhan, M. & Tripathi, S. Building an efficient intrusion detection system using grasshopper optimization algorithm for anomaly detection. Cluster Comput 24, 1881–1900 (2021). https://doi.org/10.1007/s10586-020-03229-5


  • DOI: https://doi.org/10.1007/s10586-020-03229-5
