OIDS-CS: An Efficient Optimal Intrusion Detection System for Cyber Security using Hybrid Artificial Intelligence
Abstract
Cybersecurity systems face significant challenges in intrusion detection due to high false alarm rates and the inability to accurately detect evolving attack patterns in large-scale network traffic. To address this problem, this paper proposes an Optimal Intrusion Detection System for Cybersecurity (OIDS-CS) based on a hybrid artificial intelligence framework. The proposed OIDS-CS framework for DDoS detection consists of three main stages: preprocessing, feature selection, and intrusion detection and classification. In the preprocessing stage, the network traffic data are cleaned to remove noise and redundancy, improving the quality of the input for subsequent analysis. In the feature selection stage, the extracted features are optimized using the Improved Buzzard Optimization (IBO) algorithm, which minimizes correlation among features and ensures that only the most significant and discriminative features are retained for DDoS detection. Finally, the Residual Artificial Neural Network (RANN) is employed for intrusion detection and classification. The optimized features are used as input to the RANN, which predicts whether a DDoS attack is present or not. The outputs are classified into two categories: DDoS present or DDoS not present. This structured approach not only reduces computational complexity but also improves detection accuracy and robustness against evolving DDoS attack patterns.
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.