A Novel Anomaly-based Intrusion Detection System using Whale Optimization Algorithm WOA-Based Intrusion Detection System

Document Type : Original Article

Authors

1 Department of Computer Sciences, Faculty of Sciences, Golestan University, Gorgan, Iran

2 Department of Computer Sciences, Faculty of Sciences, Golestan University

Abstract

The Internet has become an important part of many people’s daily activities. Therefore, numerous attacks threaten Internet users. IDS is a network intrusion detection tool used to quickly identify and categorize intrusions, attacks, or security issues in network-level and host-level infrastructure. Although much research has been done to improve IDS performance, many key issues remain. IDSs need to be able to more accurately detect different types of intrusions with fewer false alarms and other challenges. In this paper, we attempt to improve the performance of IDS using Whale Optimization Algorithm (WOA). The results are compared with other algorithms. NSL-KDD dataset is used to evaluate and compare the results. K-means clustering was chosen for pre-processing after a comparison between some of the existing classifier algorithms. The proposed method has proven to be a competitive method in terms of detection rate and false alarm rate base on a comparison with some of the other existing methods.

Keywords

Main Subjects


  • World Internet Usage Statistics News and World Population Stats [Online]. https://www.internetworldstats.com/stats.htm [accessed: 18/09/2021].
  • Peng, K. K. R. Choo, and H. Ashman, “User profiling in intrusion detection: A review,” Journal of Network and Computer Applications, vol. 72, pp.14-27, 2016.
  • Canali, M. Cova, G. Vigna, and C. Kruegel, “Prophiler: A fast filter for the large -scale detection of malicious Web pages categories and subject descriptors,” In Proceedings of the 20th International World Wide Web Conference, 2017, pp.197-206.
  • Shrivastava, M. Baghel, and H. Gupta, “A Review of Intrusion Detection Technique by Soft Computing and Data Mining Approach,” International Journal of Advanced Computer Research, vol. 3, pp. 224-228, 2013.
  • Rajabi, S. Jamali, and J. Javadian, “An Intrusion Detection System in Computer Networks using the Firefly Algorithm and the Fast Learning Network,” International Journal of Web Research, vol. 3, pp. 50-56, 2020.
  • Gamage, and J. Samarabandu, “Deep learning methods in network intrusion detection: A survey and an objective comparison,” Journal of Network and Computer Applications, vol. 169, p. 102767, 2020.
  • S. Sadiq, B. Alkazemi, S. Mirjalili, N. Ahmed, and S. Khan et al., “An Efficient IDS Using Hybrid Magnetic Swarm Optimization in WANETs,” IEEE Access, vol. 6, pp. 29041-29053, 2018.
  • H. Ali, B. A. D. Al Mohammed, A. Ismail and M. F. Zolkipli, “A New Intrusion Detection System Based on Fast Learning Network and Particle Swarm Optimization,” IEEE Access, vol. 6, pp. 20255-20261, 2018.
  • Vinayakumar, M. Alazab, K. P. Soman, P. Poornachandran, A. Al-Nemrat, and S. Venkatraman, “Deep Learning Approach for Intelligent Intrusion Detection System,” IEEE Access, vol. 7, pp. 41525-41550, 2019.
  • Hajisalem, and S. Babaie, “A hybrid intrusion detection system based on ABC-AFS algorithm for misuse and anomaly detection,” Computer Networks, vol. 136, pp. 37–50, 2018.
  • Hajimirzaei, and N. J. Navimipour, “Intrusion detection for cloud computing using neural networks and artificial bee colony optimization algorithm,” ICT Express, vol. 5, pp. 56–59, 2019.
  • Mazini, B. Shirazi, and I. Mahdavi, “Anomaly network-based intrusion detection system using a reliable hybrid artificial bee colony and AdaBoost algorithms,” Journal of King Saud University - Computer and Information Sciences, vol 31, pp. 541–553, 2019.
  • Y. Chung, and N. Wahid, “A hybrid network intrusion detection system using simplified swarm optimization (SSO),” Applied Soft Computing, vol. 12, pp. 3014–3022, 2012.
  • Guo, Y. Ping, N. Liu, and S. Luo, “A two-level hybrid approach for intrusion detection,” Neurocomputing, vol. 214, pp. 391–400, 2016.
  • Singaravelan, R. Arun, D. Arunshunmugam, S. Joy, and D. Murugan, “Inner interruption discovery and defense system by using data mining,” Journal of King Saud University-Computer and Information Sciences, vol. 32, pp. 592–598, 2020.
  • Shithrth, and W. Prince, “An enhanced optimization based algorithm for intrusion detection in SCADA network,” Computers & Security, vol. 70, pp. 16–26, 2017.
  • Liang, K. Li, J. Long, X. Kui, and A. Y. Zomaya, “An Industrial Network Intrusion Detection Algorithm Based on Multifeature Data Clustering Optimization Model,” IEEE Transactions on Industrial Informatics, vol. 16, pp. 2063-2071, March 2020.
  • Benmessahel, K. Xie, M. Chellal, and T. Semong, “A new evolutionary neural networks based on intrusion detection systems using locust swarm optimization,” Evolutionary Intelligence, vol. 12, pp. 131–146, 2019.
  • R. K. Tummalapalli, and A. S. N. Chakravarthy, “Intrusion detection system for cloud forensics using bayesian fuzzy clustering and optimization based SVNN,” Evolutionary Intelligence, vol. 14, pp. 699-709, 2021.
  • J. Malik, and F. A. Khan, “A hybrid technique using binary particle swarm optimization and decision tree pruning for network intrusion detection,” Cluster Computing, vol. 21, pp. 667–680, 2018.

 

  • K. Samriya, and N. Kumar, “A novel intrusion detection system using hybrid clustering-optimization approach in cloud computing,” Materials Today: Proceedings, In Press, 2020.
  • N. Neethu, S. Jayanthy, and J. A. Kovilpillai, “Greenhouse Monitoring and Controlling using Modified K Means Clustering Algorithm,” In Third International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud) (I-SMAC), IEEE, 2019, pp. 456-462.
  • Mirjalili, and A. Lewis, “The Whale Optimization Algorithm,” Advances in Engineering Software, vol. 95, pp. 51-67, 2016.

 

 Aliakbar Tajari Siahmarzkooh received the B.Sc. degree in Computer Engineering from Ferdowsi University of Iran in 2009, and the M.Sc. and Ph.D. degree in Computer Science from University of Tabriz, Iran in 2012 and 2017, respectively. He has been working with the Department of Computer Sciences, Golestan University, since 2017, where he is now an assistant professor. His current research interests include network security, data mining and artificial intelligence.

 

 Mohammad Alimardani received the B.Sc. degree in Computer Sciences from Golestan University of Iran in 2021. He has been working with the Department of Computer Sciences, Golestan University on data mining approaches since 2019. His current research interests include network, data mining and cloud computing.