The International Arab Journal of Information Technology (IAJIT)


Improved Intrusion Detection Algorithm based on TLBO and GA Algorithms

Optimization algorithms are widely used for the identification of intrusion. This is attributable to the increasing number of audit data features and the decreasing performance of human-based smart Intrusion Detection Systems (IDS) regarding classification accuracy and training time. In this paper, an improved method for intrusion detection for binary classification was presented and discussed in detail. The proposed method combined the New Teaching-Learning-Based Optimization Algorithm (NTLBO), Support Vector Machine (SVM), Extreme Learning Machine (ELM), and Logistic Regression (LR) (feature selection and weighting) NTLBO algorithm with supervised machine learning techniques for Feature Subset Selection (FSS). The process of selecting the least number of features without any effect on the result accuracy in FSS was considered a multi-objective optimization problem. The NTLBO was proposed in this paper as an FSS mechanism; its algorithm-specific, parameter-less concept (which requires no parameter tuning during an optimization) was explored. The experiments were performed on the prominent intrusion machine-learning datasets (KDDCUP’99 and CICIDS 2017), where significant enhancements were observed with the suggested NTLBO algorithm as compared to the classical Teaching- Learning-Based Optimization algorithm (TLBO), NTLBO presented better results than TLBO and many existing works. The results showed that NTLBO reached 100% accuracy for KDDCUP’99 dataset and 97% for CICIDS dataset.

[1] Aljarah I. and Ludwig S., “Mapreduce Intrusion Detection System Based on A Particle Swarm Optimization Clustering Algorithm,” in Proceedings of IEEE Congress on Evolutionary Computation Conference, Cancun, pp. 955-962, 2013.

[2] Aljawarneh S., Aldwairi M., and Yassein M., (3) (4) 178 The International Arab Journal of Information Technology, Vol. 18, No. 2, March 2021 “Anomaly-Based Intrusion Detection System Through Feature Selection Analysis and Building Hybrid Efficient Model,” Journal of Computational Science, vol. 25, pp. 152-160, 2018.

[3] Altay B., Dokeroglu T., and Cosar A., “Context- Sensitive and Keyword Density-Based Supervised Machine Learning Techniques for Malicious Webpage Detection,” Soft Computing, vol. 23, no. 4, pp. 4177-4191, 2018.

[4] Alsajri M., Ismail M., and Abdul-Baqi S., “A Review on the Recent Application of Jaya Optimization Algorithm,” in Proceedings of 1st Annual International Conference on Information and Sciences, Fallujah, pp. 129-132, 2018.

[5] Bamakan S., Wang H., Yingjie T., and Shi Y., “An Effective Intrusion Detection Framework Based on MCLP/SVM Optimized by Time- Varying Chaos Particle Swarm Optimization,” Neurocomputing, vol. 199, pp. 90-102, 2016.

[6] Cai J., Luo J.,Wang S., and Yang S., “Feature Selection in Machine Learning: A New Perspective,” Neurocomputing, vol. 300, pp. 70- 79, 2018.

[7] Chaudhary A., Tiwari V., and Kumar A., “A Novel Intrusion Detection System for Ad Hoc Flooding Attack Using Fuzzy Logic in Mobile Ad Hoc Networks,” in Proceedings of International Conference on Recent Advances and Innovations in Engineering, Jaipur, pp. 1-4, 2014.

[8] ÄŚrepinšek M., Liu S., and Mernik L., “A Note on Teaching-Learning-Based Optimization Algorithm,” Information Sciences, vol. 212, pp. 79-93, 2012.

[9] Dash M. and Liu H., “Feature Selection for Classification,” Intelligent Data Analysis, vol. 1, no. 3, pp. 131-156, 1997.

[10] Das S., Achary N., and Padhy S., “Novel Hybrid SVM-TLBO Forecasting Model Incorporating Dimensionality Reduction Techniques,” Applied Intelligence, vol. 45, no. 4, pp. 1148-1165, 2016.

[11] Das S. and Padhy S., “A Novel Hybrid Model Using Teaching-Learning-Based Optimization And A Support Vector Machine for Commodity Futures Index Forecasting,” International Journal of Machine Learning and Cybernetics, vol. 9, no. 1, pp. 97-111, 2018.

[12] De la Hoz E., De la Hoz E., Ortiz A., Ortega J., and Prieto B., “PCA filtering and Probabilistic SOM for Network Intrusion Detection,” Neurocomputing, vol. 164, pp. 71-81, 2015.

[13] Ding D., Han Q., Xiang Y., Ge X., and Zhang X., “A Survey on Security Control and Attack Detection for Industrial Cyber-Physical Systems,” Neurocomputing, vol. 275, pp. 1674- 1683, 2018.

[14] Dokeroglu T., “Hybrid Teaching-Learning-Based Optimization Algorithms for The Quadratic Assignment Problem,” Computers and Industrial Engineering, vol. 85, pp. 86-101, 2015.

[15] Dumais S., Platt J., Heckerman D., and Sahami M., “Inductive Learning Algorithms and Representations for Text Categorization,” in Proceedings of the 7th International Conference on Information and Knowledge Management, Bethesda, pp. 148-155, 1998.

[16] Eesa A., Orman Z., and Brifcani A., “A Novel Feature-Selection Approach Based on the Cuttlefish Optimization Algorithm for Intrusion Detection Systems,” Expert Systems with Applications, vol. 42, no. 5, pp. 2670-2679, 2015.

[17] Guo C., Ping Y., Liu N., and Luo S., “A Two- Level Hybrid Approach for Intrusion Detection,” Neurocomputing, vol. 214, pp. 391-400, 2016.

[18] Kiziloz H., Deniz A., Dokeroglu T., and Cosar A., “Novel Multiobjective TLBO Algorithms for The Feature Subset Selection Problem,” Neurocomputing, vol. 306, pp. 94-107, 2018.

[19] Khaleel M., Ismail M., Yunan U., and Kasim S., “Review on Intrusion Detection System Based on the Goal of the Detection System,” International Journal of Integrated Engineering Special Iss, vol. 10, no. 6, pp. 197-202, 2018.

[20] Lin W., Ke S., and Tsai C., “CANN: An Intrusion Detection System Based on Combining Cluster Centers and Nearest Neighbors,” Knowledge-Based Systems, vol. 78, pp. 13-21, 2015.

[21] Li Y., Wang J., Tian Z., and Young C., “Building Lightweight Intrusion Detection System Using Wrapper-Based Feature Selection Mechanisms,” Computers and Security, vol. 28, no. 6, pp. 466- 475, 2009.

[22] Louvieris P., Clewley N., and Liu X., “Effects- Based Feature Identification for Network Intrusion Detection,” Neurocomputing, vol. 121, pp. 265-273, 2013.

[23] Mahdavifar S. and Ghorbani A., “Application of Deep Learning to Cybersecurity: A Survey,” Neurocomputing, vol. 347, 2019.

[24] Mohammed M., Hasan R., Ahmed M., Tapus N., and Shanan M., “A Focal Load Balancer Based Algorithm For Task Assignment In Cloud Environment,” in Proceedings of The 10th International Conference on Electronics, Computers and Artificial Intelligence, Iasi, pp. 1- 4, 2018.

[25] Nayak M., Nayak C., and Rout P., “Application Of Multi-Objective Teaching Learning Based Optimization Algorithm to Optimal Power Flow Problem,” Procedia Technology, vol. 6, pp. 255- 264, 2012.

[26] Rao R., Savsani V., and Vakharia D., “Teaching- Learning-Based Optimization: A Novel Method for Constrained Mechanical Design Optimization Improved Intrusion Detection Algorithm based on TLBO and GA Algorithms 179 Problems,” Computer-Aided Design, vol. 43, no. 3, pp. 303-315, 2011.

[27] Rao R., Savsani V., and Balic J., “Teaching- Learning-Based Optimization Algorithm for Unconstrained and Constrained Real-Parameter Optimization Problems,” Engineering Optimization, vol. 44, no. 12, pp. 1447-1462, 2012.

[28] Rao R. and Patel V., “An Improved Teaching- Learning-Based Optimization Algorithm for Solving Unconstrained Optimization Problems,” Scientia Iranica, vol. 20, no. 3, pp. 710-720, 2013.

[29] Sen R., Chattopadhyay M., and Sen N., “An Efficient Approach to Develop an Intrusion Detection System Based on Multi Layer Backpropagation Neural Network Algorithm: IDS Using BPNN Algorithm,” in Proceedings of the ACM SIGMIS Conference on Computers and People Research, California, pp. 105-108, 2015.

[30] Shukla A., Kumar S., and Singh H., “ANN Based Execution Time Prediction Model and Assessment of Input Parameters through ISM,” The International Arab Journal of Information Technology, vol. 17, no. 5, pp. 683-691, 2020.

[31] Sultana A. and Jabbar M., “Intelligent Network Intrusion Detection System Using Data Mining Techniques,” in Proceedings of 2nd International Conference on Applied and Theoretical Computing and Communication Technology, Bangalore, pp. 329-333, 2016.

[32] Tao P., Sun Z., and Sun Z., “An Improved Intrusion Detection Algorithm Based on GA and SVM,” IEEE Access, vol. 6, pp. 13624-13631, 2018.

[33] Tian Y., Mirzabagheri M., Bamakan S., Wang H., and Qu Q., “Ramp Loss One-Class Support Vector Machine; A Robust and Effective Approach to Anomaly Detection Problems,” Neurocomputing, vol. 310, pp. 223-235, 2018.

[34] Yang Y. and Pedersen J., “A Comparative Study on Feature Selection in Text Categorization,” in Proceedings of the 4th International Conference on Machine Learning, San Francisco, pp. 412- 420, 1997.

[35] Yu L. and Liu H., “Feature Selection for High- Dimensional Data: A Fast Correlation-Based Filter Solution,” in Proceedings of the 20th International Conference On Machine Learning, Washington DC, pp. 856-863, 2003.