Article info

Keywords: Evolutionary techniques; EGWO; Genetic algorithms; IDS; Intrusion detection

Abstract

As the number of intrusions increases, Intrusion Detection Systems (IDS) for systems and network infrastructures are now an active research area aimed at developing reliable and efficient detection and countering solutions. Finding efficient methods for intrusion detection is a crucial step in information and network security, and this study proposes an evolutionary approach to intrusion detection that is more efficient and effective. Evolutionary algorithms have been demonstrated in IDS over time and have matured, although most research has been carried out on genetic algorithms, which have their merits and demerits. In this paper, we present an optimized algorithm, the Genetic-based Enhanced Grey Wolf Optimization (GB-EGWO) algorithm, for intrusion detection. The number of features for the proposed algorithm was selected by the new FS algorithm to increase IDS performance. The benchmark NSL-KDD network intrusion data set, modified from the KDD Cup 99 data, was applied to evaluate the proposed algorithm on IDS issues. Simulation results prove its effectiveness over existing work and show better accuracy.
1. Introduction

Classical approaches face significant problems in finding the optimization algorithm for intrusion detection. To resolve the shortcomings of orthodox mathematical methods, population-based algorithms of soft computing were introduced over the last decades [1-5]. Metaheuristic algorithms have been used in the last decades; most of those studied were GA-based methods for solving several optimization problems. Since then, Intrusion Detection Systems (IDS) have for many years been an increasingly open field of research. Intruders have developed several advanced intrusions and techniques to compromise security. An intrusion detection system is a monitoring instrument or software application that monitors a network for malicious events or policy violations and produces reports. An intrusion can be behavior or traffic that is not lawful or permitted on a system or network. Such behaviors are executed by intruders. An intruder is usually described as a system, program or individual who attempts, and may succeed, in breaking into an information system or executing an action on it that is not legally permitted. Intruders are regarded as falling into two categories, internal and external [6-8]. The first refers to a group of individuals with legal access to a system who attempt an unlicensed action. The second concerns people who do not have access to the system and try to do anything about it. The packets that are collected are compared with the trusted database to determine which are trusted packets and which are anomaly based. These systems are also connected to the firewall to monitor the flow of data in the network and between the networks [2].

The GWO algorithm [3] proposes a model of the gray wolf algorithm and its hierarchy to be considered as a solution for optimization problems. The hierarchy has four levels (groups), i.e., alpha, beta, delta, and omega, which are categorized based on their fitness value. The hunting behavior of wolves has three stages, namely searching, encircling, and attacking the prey; the mathematical model that mimics it can be used in various applications for finding optimization solutions.

Intrusion detection systems (IDSs) are usually deployed along with other preventive security mechanisms, such as access control and authentication, as a second line of defense to protect information systems. IDSs may be classified as Host Based Intrusion Detection System (HIDS) (Fig. 1), Network Based Intrusion Detection System (NIDS) (Fig. 2), and Hybrid Intrusion Detection System (HIDS) (Fig. 3). A NIDS passively or actively monitors and captures the packets that are in network transmission [13]. A NIDS can analyze a whole packet, the packet payload, IP, or ports [2,5].

HIDS helps in detecting the attacks or events that occur on the host. They are helpful in detecting or identifying the packets that can cause vulnerabilities in the host. The various intrusions that can be detected by these systems include memory management, resource allocation, file system management, etc.

A hybrid intrusion detection system consists of the efficient use of mobile agents and both NIDS and HIDS components. In hybrid systems two or more systems are integrated that improves the efficiency in intrusion
∗ Corresponding authors.
E-mail addresses: yssvce2123@gmail.com (Y. T), gururajmurtu@gmail.com (G. Murtugudde).
https://doi.org/10.1016/j.gltp.2021.08.066
Received 7 June 2021; Accepted 28 June 2021
Available online 12 August 2021
2666-285X/© 2021 The Authors. Publishing Services by Elsevier B.V. on behalf of KeAi Communications Co. Ltd. This is an open access article under the CC BY
license (http://creativecommons.org/licenses/by/4.0/)
Y. T and G. Murtugudde Global Transitions Proceedings 2 (2021) 255–260
Fig. 4. Social Hierarchy of Grey Wolves.

advisory role to the alpha and the entire pack. The role of delta wolves is to act as scapegoat. The omega wolves have an important role in the pack: they are the last level in the hierarchy and help in monitoring the other levels of the hierarchy [4,5,16,17].

Encircling the prey: The mathematical model of the encircling behavior is given by the following equations:

$$\vec{D} = \left|\vec{C}\cdot\vec{X}_p - \vec{X}(t)\right| \tag{1}$$

$$\vec{X}(t+1) = \left|\vec{X}_p(t) - \vec{A}\cdot\vec{D}\right| \tag{2}$$

where

$\vec{D}$ = distance vector
$t$ = current iteration
$\vec{C}$ = coefficient vector
$\vec{X}_p$ = position of prey
$\vec{X}$ = position of grey wolf
$\vec{A}$ = coefficient vector

The vectors $\vec{A}$ and $\vec{C}$ are calculated as:

$$\vec{A} = 2\,\vec{a}\cdot\vec{r}_1 - \vec{a} \tag{3}$$

$$\vec{C} = 2\,\vec{r}_2 \tag{4}$$

$\vec{r}_1$, $\vec{r}_2$ are random vectors that range between 0 and 1.

$$\vec{D}_\alpha = \left|\vec{C}_1\cdot\vec{X}_\alpha - \vec{X}(t)\right|,\quad \vec{D}_\beta = \left|\vec{C}_2\cdot\vec{X}_\beta - \vec{X}(t)\right|,\quad \vec{D}_\delta = \left|\vec{C}_3\cdot\vec{X}_\delta - \vec{X}(t)\right| \tag{5}$$

$$\vec{X}(t+1) = \frac{\vec{X}_1 + \vec{X}_2 + \vec{X}_3}{3} \tag{6}$$

In Eq. (5), $\vec{X}_\alpha$, $\vec{X}_\beta$, $\vec{X}_\delta$ are the position vectors of $\alpha$, $\beta$ and $\delta$.

Attacking prey: When the prey stops moving, the wolves attack it to finish the hunting process. This is modeled by decreasing $\vec{a}$ from 2 to 0 during the iterations. As $\vec{a}$ decreases, $\vec{A}$ also decreases. A<1 forces the wolf to attack towards the prey, and A>1 makes it diverge from the prey and find a better prey [4].

4. Results and discussion

The overall performance of an Intrusion Detection System (IDS) is based on how efficiently it detects intrusions and how precisely it diagnoses attacks. A significant factor for intrusions in network safety is the detection rate/classification accuracy as well as the number of features.

$$\text{Fitness value} = E \ast a + \frac{1}{NSF} \ast b \tag{7}$$

where E, a and b depend on the empirical scope.

As per the above equation, a decrease in the number of feature selections increases the fitness value, thereby increasing the scope of intrusion detection in optimized time. Hence, in the proposed approach, the number of selected features is minimized and the efficiency of intrusion detection (finding the attacks) is analyzed, with an increase in the level of efficiency.
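The GWO update rules of Eqs. (3)-(6) and the fitness of Eq. (7), put together as a small feature selector. This is an added example, not the authors' GB-EGWO code (the genetic operators are not shown in this excerpt). Assumptions: E is read as classification accuracy and NSF as the number of selected features, a = 0.9 and b = 0.1, positions are binarised at 0.5, the leader step X_k = X_leader - A·D is the standard GWO form, and the data set is a constructed toy, not NSL-KDD.

```python
import random

# Constructed toy data (not NSL-KDD): (label, [f0..f3]); only f0 separates the classes.
DATA = [(0, [1, 9, 2, 5]), (0, [2, 1, 8, 5]), (0, [1, 8, 9, 4]), (0, [2, 2, 1, 6]),
        (1, [8, 9, 1, 5]), (1, [9, 1, 9, 5]), (1, [8, 2, 2, 6]), (1, [9, 8, 8, 4])]

def accuracy(mask):
    """E (assumed): nearest-centroid accuracy using only the selected features."""
    idx = [i for i, m in enumerate(mask) if m]
    # 4 rows per class in the toy data
    cent = {c: [sum(x[i] for y, x in DATA if y == c) / 4 for i in idx] for c in (0, 1)}
    def dist(x, c):
        return sum((x[i] - v) ** 2 for i, v in zip(idx, cent[c]))
    hits = sum((0 if dist(x, 0) <= dist(x, 1) else 1) == y for y, x in DATA)
    return hits / len(DATA)

def fitness(mask, a=0.9, b=0.1):
    """Eq. (7): E*a + (1/NSF)*b, maximised; an empty selection scores 0."""
    nsf = sum(mask)
    return accuracy(mask) * a + b / nsf if nsf else 0.0

def binarize(pos):
    return [1 if p > 0.5 else 0 for p in pos]   # assumed threshold, not from the paper

def gwo_select(dim=4, wolves=8, iters=30, seed=1):
    rng = random.Random(seed)
    score = lambda p: fitness(binarize(p))
    pack = [[rng.random() for _ in range(dim)] for _ in range(wolves)]
    pack[0] = [1.0] * dim                      # baseline wolf: the full feature set
    best = max(pack, key=score)[:]
    for t in range(iters):
        a = 2 - 2 * t / iters                  # a decreases from 2 towards 0
        leaders = [w[:] for w in sorted(pack, key=score, reverse=True)[:3]]
        for w in pack:
            for j in range(dim):
                steps = []
                for lead in leaders:           # alpha, beta, delta
                    A = 2 * a * rng.random() - a       # Eq. (3)
                    C = 2 * rng.random()               # Eq. (4)
                    D = abs(C * lead[j] - w[j])        # Eq. (5)
                    steps.append(lead[j] - A * D)      # X1..X3, standard GWO step
                w[j] = min(1.0, max(0.0, sum(steps) / 3))  # Eq. (6), clamped to [0, 1]
            if score(w) > score(best):         # keep the best selection seen so far
                best = w[:]
    mask = binarize(best)
    return mask, fitness(mask)
```

With these weights, `fitness([1, 0, 0, 0])` is 1.0 against 0.925 for the full feature set, which is the pressure toward fewer features that Eq. (7) describes; because one wolf starts at the full set, the returned selection never scores below it.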
Table 1
Feature Selection and Percentage values of various methods of Fig. 10.
Fig. 11. Convergence Between GWO and MGWO.

Fig. 12. Convergence Between MBGWO and GB-EGWO (Proposed).

References
[1] Hussein Almazini, Ku Ku-Mahamud, Grey wolf optimization parameter control for feature selection in anomaly detection, Int. J. Intell. Eng. Syst. 14 (2021) 2021, doi:10.22266/ijies2021.0430.43.
[2] Qusay Alzubi, Mohammed Anbar, Zakaria Alqattan, Mohammed Al-Betar, Rosni Abdullah, Intrusion detection system based on a modified binary grey wolf optimization, Neural Comput. Appl. 32 (2020), doi:10.1007/s00521-019-04103-1.
[3] Özge Cepheli, Saliha Buyukcorak, Karabulut Kurt, Gunes, Hybrid intrusion detection system for DDoS attacks, J. Electr. Comput. Eng. (2016), doi:10.1155/2016/1075648.
[4] Peifeng Niu, Songpeng Niu, Nan Liu, Lingfang Chang, The defect of the Grey Wolf optimization algorithm and its verification method, Knowl.-Based Syst. (2019) 171.10.1016/j.knosys.19.
[5] Rezaei, Hossein & Bozorg-Haddad, Omid & Chu, Xuefeng. (2018). Grey Wolf Optimization (GWO) Algorithm. 10.1007/978-981-10-5221-7_9.
[6] JK Seth, S Chandra, Intrusion detection based on key feature selection using binary GWO, in: 3rd international conference on computing for sustainable global development, IEEE, 2016, pp. 3735–3740. Mar 2016.
[7] Yang, Honghao & Zhou, Zhiping. (2018). A Novel Intrusion Detection Scheme Using Cloud Grey Wolf Optimizer. 8297-8302. 10.23919/ChiCC.2018.8483324.
[8] Yerriswamy T, Gururaj Murtugudde (2020), Study of Evolutionary Techniques in the field of Network Security. 594-598. 10.1109/ICSTCee49637.2020.9277082
[9] T Yerriswamy, J Venkatagiri, Ant colony optimization based traffic analysis for finding shortest path in mobile adhoc networks, Int. J. Pure Appl. Math. (2018) June-.
[10] E Emary, HM Zawbaa, AE Hassanien, Binary grey wolf optimization approaches for feature selection, Computing 172 (2016) 371–381.
[11] S Lee, S Soak, S Oh, W Pedrycz, M Jeon, Modified binary particle swarm optimization, Prog. Nat. Sci. 18 (9) (2008) 1161–1166.
[12] S Mirjalili, SM Mirjalili, XS Yang, Binary bat algorithm, Neural. Comput. Appl. 25 (3–4) (2014) 663–681.
[13] K Kumar, JS Batth, Network intrusion detection with feature selection techniques using machine-learning algorithms, Int. J. Comput. Appl. 150 (12) (2016) 1–13.
[14] Mehrnaz Mazini, Babak Shirazi, Iraj Mahdavi, Anomaly network-based intrusion detection system using a reliable hybrid artificial bee colony and Ada Boost algorithms, J. King Saud Univ. - Comput. Inf. Sci. 31 (2018), doi:10.1016/j.jksuci.2018.03.011.
[15] Hussein Almazini, Ku Ku-Mahamud, Grey wolf optimization parameter control for feature selection in anomaly detection, Int. J. Intell. Eng. Syst. 14 (2021) 2021, doi:10.22266/ijies2021.0430.43.
[16] M. Chandra, A. Agrawal, A. Kishor, R. Niyogi, Web Service Selection with Global Constraints using Modified Gray Wolf Optimizer, in: Proc. of 2016 International Conf. on Advances in Computing, Communications and Informatics (ICACCI), 2016, pp. 1989–1994.
[17] Dr. Lokesh, Yerriswamy T, A Proportional analysis of a collection of techniques in sequential rules mining and sequential patterns mining, Int. J. Mech. Prod. Eng. Res. Devel. (2018) E-ISSN:2249-8001, Nov-.
[18] Dr. Lokesh, Yerriswamy T, Design, Improvement, Development, and Performance analysis of a collection of models developed from Naive Bayes and maximum entropy opinion mining classifiers for movie reviews, Int. J. Eng. Technol. (2018) June-.
[19] Reddy SaiSindhuTheja, Gopal Shyam, An efficient metaheuristic algorithm-based feature selection and recurrent neural network for DoS attack detection in cloud computing environment, Appl. Soft Comput. 100 (2021) 106997, doi:10.1016/j.asoc.2020.106997.
[20] Onay, Murat. (2016). A new and fast optimization algorithm: fox hunting algorithm (FHA). 10.2991/amsm-16.2016.35.
[21] Dr. Gururaj Murtugudde, Gokul HN, Anomaly detection and local outlier factor for credit card fraud detection, JETIR 7 (2) (Feb 2020) Issue.
[22] F. Azam, S. Kumar, K.P. Yadav, N. Priyadarshi, S. Padmanaban, An outline of the security challenges in VANET, in: 2020 IEEE 7th Uttar Pradesh Section International Conference on Electrical, Electronics and Computer Engineering (UPCON), Prayagraj, India, 2020, pp. 1–6, doi:10.1109/UPCON50219.2020.9376518.
[23] S. Vadivel, S. Konda, K.R. Balmuri, A. Stateczny, B.D. Parameshachari, Dynamic route discovery using modified grasshopper optimization algorithm in wireless ad-hoc visible light communication network, Electronics 10 (10) (2021) 1176 p.
[24] S.N. Shivappriya, M. Priyadarsini, A. Stateczny, C. Puttamadappa, B.D. Parameshachari, Cascade object detection and remote sensing object detection method based on trainable activation function, Remote Sensing 13 (2) (2021) 200 p.
[25] Taief Alamiedy, Mohammed Anbar, Zakaria Alqattan, Qusay Alzubi, Anomaly-based intrusion detection system using multi-objective grey wolf optimization algorithm, J. Ambient Intell. Humanized Comput. 11 (2020), doi:10.1007/s12652-019-01569-8.
[26] G.B. Rajendran, U.M. Kumarasamy, C. Zarro, P.B. Divakarachari, S.L. Ullo, Land-use and land-cover classification using a human group-based particle swarm optimization algorithm with an LSTM Classifier on hybrid pre-processing remote-sensing images, Remote Sensing 12 (24) (2020) 4135 p.
[27] T. Nguyen, B.H. Liu, N. Nguyen, B. Dumba, J.T. Chou, Smart Grid Vulnerability and Defense Analysis Under Cascading Failure Attacks, IEEE Trans. Power Delivery (2021).
[28] Balasaraswathi Ranganathan, Muthukumarasamy Sugumaran, Yasir Hamid, Feature selection techniques for intrusion detection using non-bio-inspired and bio-inspired optimization algorithms, J. Commun. Inf. Networks 2 (2017), doi:10.1007/s41650-017-0033-7.
[29] N.V. Pham, T.N. Nguyen, T.D. Ngo, A.T. Truong, G.L. Nguyen, A novel approach for pivot-based sensor fusion of small satellites, Phys. Commun. 45 (2021) 101261.
[30] D.T. Do, T.T.T. Nguyen, T.N. Nguyen, X. Li, M. Voznak, Uplink and downlink NOMA transmission using full-duplex UAV, IEEE Access 8 (2020) 164347–164364.
[31] L. Tan, N. Shi, K. Yu, M. Aloqaily, Y. Jararweh, A blockchain-empowered access control framework for smart devices in green internet of things, ACM Trans. Internet Technol. 21 (3) (2021) 1–20.