Anomaly-based intrusion detection system using multi-objective grey wolf optimisation algorithm

作     者：Alamiedy, Taief Alaa Anbar, Mohammed Alqattan, Zakaria N. M. Alzubi, Qusay M. 

作者机构：Univ Sains Malaysia Natl Adv IPv6 Ctr Excellence NAv6 Usm Penang 11800 Malaysia 

出 版 物：《JOURNAL OF AMBIENT INTELLIGENCE AND HUMANIZED COMPUTING》 (情境智能与人性化计算杂志)

年 卷 期：2020年第11卷第9期

页      面：3735-3756页

核心收录：

学科分类：0810[工学-信息与通信工程] 0711[理学-系统科学] 07[理学] 08[工学] 070105[理学-运筹学与控制论] 081101[工学-控制理论与控制工程] 0701[理学-数学] 071101[理学-系统理论] 0811[工学-控制科学与工程] 0812[工学-计算机科学与技术（可授工学、理学学位）] 

主　　题：Intrusion detection system Feature selection Multi-objective optimisation Swarm intelligence Grey wolf algorithm Support vector machine Classification 

摘      要：The rapid development of information technology leads to increasing the number of devices connected to the Internet. Besides, the amount of network attacks also increased. Accordingly, there is an urgent demand to design a defence system proficient in discovering new kinds of attacks. One of the most effective protection systems is intrusion detection system (IDS). The IDS is an intelligent system that monitors and inspects the network packets to identify the abnormal behavior. In addition, the network packets comprise many attributes and there are many attributes that are irrelevant and repetitive which degrade the performance of the IDS system and overwhelm the system resources. A feature selection technique helps to reduce the computation time and complexity by selecting the optimum subset of features. In this paper, an enhanced anomaly-based IDS model based on multi-objective grey wolf optimisation (GWO) algorithm was proposed. The GWO algorithm was employed as a feature selection mechanism to identify the most relevant features from the dataset that contribute to high classification accuracy. Furthermore, support vector machine was used to estimate the capability of selected features in predicting the attacks accurately. Moreover, 20% of NSL-KDD dataset was used to demonstrate effectiveness of the proposed approach through different attack scenarios. The experimental result revealed that the proposed approach obtains classification accuracy of (93.64%, 91.01%, 57.72%, 53.7%) for DoS, Probe, R2L, and U2R attack respectively. Finally, the proposed approach was compared with other existing approaches and achieves significant result.