A homogeneous ensemble based dynamic artificial neural network for solving the intrusion detection problem

Al-Daweri, Muataz Salam; Abdullah, Salwani; Ariffin, Khairul Akram Zainol

A homogeneous ensemble based dynamic artificial neural network for solving the intrusion detection problem

Muataz Salam Al-Daweri, Salwani Abdullah and Khairul Akram Zainol Ariffin

International Journal of Critical Infrastructure Protection, 2021, vol. 34, issue C

Abstract: Network security is a mechanism of protecting the usability and integrity of any given network and its transmitted data. Network security's effectiveness is crucial to the network environment to ensure it is free from any threat, especially in the critical infrastructure (CI). The supervisory control and data acquisition systems in the CI are getting more connected to the internet, putting them in serious security concerns. Any malicious attack against these systems could cause considerable human, economic, and material damages. Thus, it leads to the emergence of the intrusion detection system (IDS). Theoretically, a modern IDS must handle a large amount of data with high accuracy. Ensemble-based, hybrid-based methods and their distinguished applications are a promising way to solve these issues. The efficiency of the IDS is mainly dependent on the selected data features and the used classification method. The artificial neural network (ANN) has been applied in various fields, but it requires adjustment on few parameters to work effectively. This study proposes a homogeneous ensemble based on single-class dynamic ANN (HOE-DANN). Each dynamic ANN (DANN) is optimized by a filter-wrapper method using a modified discrete cuttlefish algorithm based on rough set theory, and a migration-strategy based cuttlefish algorithm. Both algorithms simultaneously optimize the features, ANN structure, weights, and biases for creating the DANN. However, the threshold value of the ensemble model was set using the hill-climbing algorithm. The experiments were applied to well-known benchmark datasets, namely the KDD99, UNSW-NB15, and gas pipeline data logs (GPDL). The results show that the HOE-DANN outperforms the single model based on the DANN. Additionally, a comparison with several state-of-the-art methods has shown that the proposed method offers superior performance in terms of the detection rate (DR), false alarm rate (FAR), and classification accuracy (ACC). The HOE-DANN model was able to achieve DR of 97.47%, FAR of 2.25%, and ACC of 97.52% using the KDD99 dataset, DR of 99.93%, FAR of 13.13%, and ACC of 94.08% using the UNSW-NB15 dataset, and DR of 98.08%, FAR of 2.69%, and ACC of 94.50% using the GPDL dataset.

Keywords: Classification; Optimization; Filter-wrapper feature selection; Dynamic artificial neural network; Intrusion detection system; Critical infrastructure (search for similar items in EconPapers)
Date: 2021
References: View references in EconPapers View complete reference list from CitEc
Citations: View citations in EconPapers (3)

Downloads: (external link)
http://www.sciencedirect.com/science/article/pii/S187454822100041X
Full text for ScienceDirect subscribers only

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:eee:ijocip:v:34:y:2021:i:c:s187454822100041x

DOI: 10.1016/j.ijcip.2021.100449

Access Statistics for this article

International Journal of Critical Infrastructure Protection is currently edited by Leon Strous

More articles in International Journal of Critical Infrastructure Protection from Elsevier
Bibliographic data for series maintained by Catherine Liu ().