WOA-DNN for Intelligent Intrusion Detection and Classification in MANET Services

Mobile ad-hoc networks(MANET)are garnering a lot of attention because of their potential to provide low-cost solutions to real-world communica-tions.MANETs are more vulnerable to security threats.Changes in nodes,band-width limits,and centralized control and management are some of the characteristics.IDS(Intrusion Detection System)are the aid for detection,deter-mination,and identification of illegal system activity such as use,copying,mod-ification,and destruction of data.To address the identified issues,academics have begun to concentrate on building IDS-based machine learning algorithms.Deep learning is a type of machine learning that can produce exceptional outcomes.This study proposes that WOA-DNN be used to detect and classify incursions in MANET(Whale Optimized Deep Neural Network Model)WOA(Whale Opti-mization Algorithm)and DNN(Deep Neural Network)are used to optimize the preprocessed data to construct a system for classifying and predicting unantici-pated cyber-attacks that are both effective and efficient.As a result,secure data transport to other nodes is provided,preventing intruder attacks.The invaders are found using the(Machine Learning)ML-IDS and WOA-DNN methods.The data is reduced in dimensionality using Principal Component Analysis(PCA),which improves the accuracy of the outputs.A classifier is used in forward propagation to predict whether a result is normal or malicious.To compare the traditional and proposed models’effectiveness,the accuracy of classification,detection of the attack rate,precision rate,and F-Measure,Recall are utilized.The proposed WOA-DNN model has higher assessment metrics and a 99.1%accuracy rate.WOA-DNN also has a greater assault detection rate than others,resulting in fewer false alarms.The classification accuracy of the proposed WOA-DNN model is 99.1%.

Research on the Network Intrusion Detection System based on Modified Particle Swarm Optimization Algorithm

In this paper, we conduct research on the network intrusion detection system based on the modified particle swarm optimization algorithm. Computer interconnection ability put forward the higher requirements for the system reliability design, the need to ensure that the system can support various communication protocols to guarantee the reliability and security of the network. At the same time also require network system, the server or products have strong ability of fault tolerance and redundancy, better meet the needs of users, to ensure the safety of the information data and the good operation of the network system. For this target, we propose the novel paradigm for the enhancement of the modern computer network that is innovative.

Research on the Novel Computer Network Intrusion Detection Model based on Improved Particle Swarm Optimization Algorithm

In this paper, we conduct research on the novel computer network intrusion detection model based on improved particle swarmoptimization algorithm. TCP fl ood attack, UDP fl ood attack, ICMP fl ood attack, deformity of message attack, the application layer attack is themost typical DDOS attacks, DDOS attacks are also changing to upgrade at the same time, scholars research on DDOS attack defense measuresbecome more and more has the application value and basic practical signifi cance. Network security protection is a comprehensive project, nomatter what measures to take that safety is always relative, so as the network security administrator, should change with the network securitysituation and the security requirements, moderate to adjust security policies, so as to achieve the target. Under this basis, we propose the newperspective on the IDS system that will then enhance the robustness and safetiness of the overall network system.

Adaptive Butterfly Optimization Algorithm(ABOA)Based Feature Selection and Deep Neural Network(DNN)for Detection of Distributed Denial-of-Service(DDoS)Attacks in Cloud

Cloud computing technology provides flexible,on-demand,and completely controlled computing resources and services are highly desirable.Despite this,with its distributed and dynamic nature and shortcomings in virtualization deployment,the cloud environment is exposed to a wide variety of cyber-attacks and security difficulties.The Intrusion Detection System(IDS)is a specialized security tool that network professionals use for the safety and security of the networks against attacks launched from various sources.DDoS attacks are becoming more frequent and powerful,and their attack pathways are continually changing,which requiring the development of new detection methods.Here the purpose of the study is to improve detection accuracy.Feature Selection(FS)is critical.At the same time,the IDS’s computational problem is limited by focusing on the most relevant elements,and its performance and accuracy increase.In this research work,the suggested Adaptive butterfly optimization algorithm(ABOA)framework is used to assess the effectiveness of a reduced feature subset during the feature selection phase,that was motivated by this motive Candidates.Accurate classification is not compromised by using an ABOA technique.The design of Deep Neural Networks(DNN)has simplified the categorization of network traffic into normal and DDoS threat traffic.DNN’s parameters can be finetuned to detect DDoS attacks better using specially built algorithms.Reduced reconstruction error,no exploding or vanishing gradients,and reduced network are all benefits of the changes outlined in this paper.When it comes to performance criteria like accuracy,precision,recall,and F1-Score are the performance measures that show the suggested architecture outperforms the other existing approaches.Hence the proposed ABOA+DNN is an excellent method for obtaining accurate predictions,with an improved accuracy rate of 99.05%compared to other existing approaches.

A Novel Immune System Model and Its Application to Network Intrusion Detection

Based on analyzing the techniques and architecture of existing network Intrusion Detection System (IDS), and probing into the fundament of Immune System (IS), a novel immune model is presented and applied to network IDS, which is helpful to design an effective IDS. Besides, this paper suggests a scheme to represent the self profile of network. And an automated self profile extraction algorithm is provided to extract self profile from packets. The experimental results prove validity of the scheme and algorithm, which is the foundation of the immune model.

Improved Supervised and Unsupervised Metaheuristic-Based Approaches to Detect Intrusion in Various Datasets

Due to the increasing number of cyber-attacks,the necessity to develop efficient intrusion detection systems(IDS)is more imperative than ever.In IDS research,the most effectively used methodology is based on supervised Neural Networks(NN)and unsupervised clustering,but there are few works dedicated to their hybridization with metaheuristic algorithms.As intrusion detection data usually contains several features,it is essential to select the best ones appropriately.Linear Discriminant Analysis(LDA)and t-statistic are considered as efficient conventional techniques to select the best features,but they have been little exploited in IDS design.Thus,the research proposed in this paper can be summarized as follows.a)The proposed approach aims to use hybridized unsupervised and hybridized supervised detection processes of all the attack categories in the CICIDS2017 Dataset.Nevertheless,owing to the large size of the CICIDS2017 Dataset,only 25%of the data was used.b)As a feature selection method,the LDAperformancemeasure is chosen and combinedwith the t-statistic.c)For intrusion detection,unsupervised Fuzzy C-means(FCM)clustering and supervised Back-propagation NN are adopted.d)In addition and in order to enhance the suggested classifiers,FCM and NN are hybridized with the seven most known metaheuristic algorithms,including Genetic Algorithm(GA),Particle Swarm Optimization(PSO),Differential Evolution(DE),Cultural Algorithm(CA),Harmony Search(HS),Ant-Lion Optimizer(ALO)and Black Hole(BH)Algorithm.Performance metrics extracted from confusion matrices,such as accuracy,precision,sensitivity and F1-score are exploited.The experimental result for the proposed intrusion detection,based on training and test CICIDS2017 datasets,indicated that PSO,GA and ALO-based NNs can achieve promising results.PSO-NN produces a tested accuracy,global sensitivity and F1-score of 99.97%,99.95%and 99.96%,respectively,outperforming performance concluded in several related works.Furthermore,the best-proposed approaches are valued in the most recent intrusion detection datasets:CSE-CICIDS2018 and LUFlow2020.The evaluation fallouts consolidate the previous results and confirm their correctness.

New Denial of Service Attacks Detection Approach Using Hybridized Deep Neural Networks and Balanced Datasets

Denial of Service(DoS/DDoS)intrusions are damaging cyberattacks,and their identification is of great interest to the Intrusion Detection System(IDS).Existing IDS are mainly based on Machine Learning(ML)methods including Deep Neural Networks(DNN),but which are rarely hybridized with other techniques.The intrusion data used are generally imbalanced and contain multiple features.Thus,the proposed approach aims to use a DNN-based method to detect DoS/DDoS attacks using CICIDS2017,CSE-CICIDS2018 and CICDDoS 2019 datasets,according to the following key points.a)Three imbalanced CICIDS2017-2018-2019 datasets,including Benign and DoS/DDoS attack classes,are used.b)A new technique based on K-means is developed to obtain semi-balanced datasets.c)As a feature selectionmethod,LDA(Linear Discriminant Analysis)performance measure is chosen.d)Four metaheuristic algorithms,counting Artificial Immune System(AIS),Firefly Algorithm(FA),Invasive Weeds Optimization(IWO)and Cuckoo Search(CS)are used,for the first time together,to increase the performance of the suggested DNN-based DoS attacks detection.The experimental results,based on semi-balanced training and test datasets,indicated that AIS,FA,IWO and CS-based DNNs can achieve promising results,even when cross-validated.AIS-DNN yields a tested accuracy of 99.97%,99.98%and 99.99%,for the three considered datasets,respectively,outperforming performance established in several related works.

A Neuro-genetic Based Short-term Forecasting Framework for Network Intrusion Prediction System

Information systems are one of the most rapidly changing and vulnerable systems, where security is a major issue. The number of security-breaking attempts originating inside organizations is increasing steadily. Attacks made in this way, usually done by ＂authorized＂ users of the system, cannot be immediately traced. Because the idea of filtering the traffic at the entrance door, by using firewalls and the like, is not completely successful, the use of intrusion detection systems should be considered to increase the defense capacity of an information system. An intrusion detection system （IDS） is usually working in a dynamically changing environment, which forces continuous tuning of the intrusion detection model, in order to maintain sufficient performance. The manual tuning process required by current IDS depends on the system operators in working out the tuning solution and in integrating it into the detection model. Furthermore, an extensive effort is required to tackle the newly evolving attacks and a deep study is necessary to categorize it into the respective classes. To reduce this dependence, an automatically evolving anomaly IDS using neuro-genetic algorithm is presented. The proposed system automatically tunes the detection model on the fly according to the feedback provided by the system operator when false predictions are encountered. The system has been evaluated using the Knowledge Discovery in Databases Conference （KDD 2009） intrusion detection dataset. Genetic paradigm is employed to choose the predominant features, which reveal the occurrence of intrusions. The neuro-genetic IDS （NGIDS） involves calculation of weightage value for each of the categorical attributes so that data of uniform representation can be processed by the neuro-genetic algorithm. In this system unauthorized invasion of a user are identified and newer types of attacks are sensed and classified respectively by the neuro-genetic algorithm. The experimental results obtained in this work show that the system achieves improvement in terms of misclassification cost when compared with conventional IDS. The results of the experiments show that this system can be deployed based on a real network or database environment for effective prediction of both normal attacks and new attacks.

Genetic-based Fuzzy IDS for Feature Set Reduction and Worm Hole Attack Detection

The wireless ad-hoc networks are decentralized networks with a dynamic topology that allows for end-to-end communications via multi-hop routing operations with several nodes collaborating themselves,when the destination and source nodes are not in range of coverage.Because of its wireless type,it has lot of security concerns than an infrastructure networks.Wormhole attacks are one of the most serious security vulnerabilities in the network layers.It is simple to launch,even if there is no prior network experience.Signatures are the sole thing that preventive measures rely on.Intrusion detection systems(IDS)and other reactive measures detect all types of threats.The majority of IDS employ features from various network layers.One issue is calculating a huge layered features set from an ad-hoc network.This research implements genetic algorithm(GA)-based feature reduction intrusion detection approaches to minimize the quantity of wireless feature sets required to identify worm hole attacks.For attack detection,the reduced feature set was put to a fuzzy logic system(FLS).The performance of proposed model was compared with principal component analysis(PCA)and statistical parametric mapping(SPM).Network performance analysis like delay,packet dropping ratio,normalized overhead,packet delivery ratio,average energy consumption,throughput,and control overhead are evaluated and the IDS performance parameters like detection ratio,accuracy,and false alarm rate are evaluated for validation of the proposed model.The proposed model achieves 95.5%in detection ratio with 96.8%accuracy and produces very less false alarm rate(FAR)of 14%when compared with existing techniques.

Deep Learning-Based Intrusion System for Vehicular Ad Hoc Networks

The increasing use of the Internet with vehicles has made travel more convenient.However,hackers can attack intelligent vehicles through various technical loopholes,resulting in a range of security issues.Due to these security issues,the safety protection technology of the in-vehicle system has become a focus of research.Using the advanced autoencoder network and recurrent neural network in deep learning,we investigated the intrusion detection system based on the in-vehicle system.We combined two algorithms to realize the efficient learning of the vehicle’s boundary behavior and the detection of intrusive behavior.In order to verify the accuracy and efficiency of the proposed model,it was evaluated using real vehicle data.The experimental results show that the combination of the two technologies can effectively and accurately identify abnormal boundary behavior.The parameters of the model are self-iteratively updated using the time-based back propagation algorithm.We verified that the model proposed in this study can reach a nearly 96%accurate detection rate.

Genetic Algorithm with Variable Length Chromosomes for Network Intrusion Detection

Genetic algorithm(GA) has received significant attention for the design and implementation of intrusion detection systems. In this paper, it is proposed to use variable length chromosomes(VLCs) in a GA-based network intrusion detection system.Fewer chromosomes with relevant features are used for rule generation. An effective fitness function is used to define the fitness of each rule. Each chromosome will have one or more rules in it. As each chromosome is a complete solution to the problem, fewer chromosomes are sufficient for effective intrusion detection. This reduces the computational time. The proposed approach is tested using Defense Advanced Research Project Agency(DARPA) 1998 data. The experimental results show that the proposed approach is efficient in network intrusion detection.

铁路周界入侵目标多尺度特征感知算法

准确识别侵入周界范围内的人和大型牲畜是铁路周界入侵视频智能分析技术的重点内容,对保障铁路安全运营具有重要意义。基于现有目标检测算法难以处理铁路监控场景中入侵目标呈现显著尺度变化的状况,提出一种多输入双输出神经网络(Multiple Input Double Output Network,MIDO-Net)和基于自适应特征加权融合的目标多尺度特征感知算法。首先,通过MIDO-Net多层级联的多输入和双输出网络结构,提取图像目标更丰富的多尺度特征信息;其次,依据骨干网络多阶段的特点,先将多级特征上采样至统一分辨率,再利用注意力模块和自适应参数对多级特征进行加权;然后,将特征输入到检测头中完成铁路周界入侵的识别;最后,通过视觉目标类别(Visual Object Classes,VOC)公共数据集和制作的多场景、多尺度铁路异物侵限数据集,对算法进行验证。结果表明:提出的多尺度特征感知算法在VOC公共数据集中的检测精确率达83.3%,在多场景、多尺度铁路异物侵限数据集中的检测精确率达91.1%,平均召回率达56.2%,均优于当前广泛使用的各种特征提取骨干网络;算法检测速率为45帧·s^(-1),优于同类型的骨干网络,且能满足铁路场景的行人实时监测需求。

基于改进K-means数据聚类算法的网络入侵检测

随着入侵手段的不断更新和升级,传统入侵检测方法准确率下降、检测时间延长,无法满足网络防御要求。为此,提出一种经过改进K均值(K-means)数据聚类算法,以应对不断升级的网络入侵行为。先以防火墙日志为基础转换数值,然后基于粒子群算法求取最优初始聚类中心,实现K-means数据聚类算法的改进;最后以计算得出的特征值为输入项,实现对网络入侵行为的精准检测。结果表明:K-means算法改进后较改进前的戴维森堡丁指数更小,均低于0.6,达到了改进目的。改进K-means算法各样本的准确率均高于90%,相对更高,检测时间均低于10 s,相对更少,说明该方法能够以高效率完成更准确的网络入侵检测。

基于深度生成模型的医院网络异常信息入侵检测算法

为保障医院信息网络的安全管理,避免医疗信息泄露,提出了基于深度生成模型的医院网络异常信息入侵检测算法。采用二进制小波变换方法,多尺度分解医院网络运行数据,结合自适应软门限去噪系数提取有效数据。运用最优运输理论中的Wasserstein距离算法与MMD(Maximun Mean Discrepancy)距离算法,在深度生成模型中,对医院网络数据展开降维处理。向异常检测模型中输入降维后网络正常运行数据样本,并提取样本特征。利用深度学习策略中的Adam算法,生成异常信息判别函数,通过待测网络运行数据与正常网络运行数据的特征对比,实现医院网络异常信息入侵检测。实验结果表明,算法能实现对医院网络异常信息入侵的高效检测,精准检测多类型网络入侵行为,为医疗机构网络运行提供安全保障。

基于贪婪算法的网络通信未知蠕虫检测仿真

网络蠕虫具有智能化和综合网络攻击性,无须计算机使用者干预即可运行的攻击程序或代码,且攻击传播速度较快。计算机防御模型多采用杀毒软件处理蠕虫的检测,但是无法提前防御蠕虫的攻击。因此,提出基于贪婪算法的网络通信未知蠕虫检测方法。通过云安全环境建立蠕虫传播模型,提取未知蠕虫数据特征,采用贪婪算法构建自编码器,降维蠕虫数据特征。利用改进蚁群算法和SVM建立网络攻击检测模型,将降维后蠕虫数据特征输入模型中,完成未知蠕虫的检测。实验结果表明,研究方法的蠕虫检测率更高,且丢包率低于0.5%,主机感染率降低,说明所提方法的应用性能更优。

基于互信息与萤火虫算法的网络入侵特征选择

为减少网络入侵检测数据中的冗余特征,提出一种结合互信息和萤火虫算法的特征选择方法。针对互信息不能精确计算特征间冗余度,提出类内特征冗余互信息特征选择方法。针对萤火虫算法步长因子固定易使算法陷入局部最优等问题,提出自适应步长萤火虫算法特征选择。以上方法分别选取特征子集后利用投票策略选取最优子集,对该子集基于C4.5和贝叶斯网络分类器分类。实验结果表明,使用10个特征检测能有效提高入侵检测率、误报率和F-measure,同时还缩短训练和检测时间。此外,与现有的几种方法相比,该方法在准确率、检测率和F-measure都获得不错效果。

结合遗传算法的RF-DBN入侵检测方法

针对目前不平衡数据集少数类攻击样本识别率较低的问题,提出一种BorderlineSMOTE、随机森林和遗传算法(genetic algorithm,GA)-深度信念网络(deep belief network,DBN)相结合的入侵检测方法。首先采用BorderlineSMOTE对少数类样本进行过采样,减少数据集的不平衡度;然后使用随机森林算法实现正异常数据分类,筛选出异常数据;最后采用经GA优化的DBN网络对异常数据进行进一步分类。使用网络安全数据集CICIDS2017进行验证,该方法的准确率达到了99.85%,而且少数类样本的识别精度也有明显提高。

基于人工智能的网络入侵检测与响应机制

针对当前网络入侵检测领域的挑战,提出了一种基于改进型朴素贝叶斯算法的网络入侵检测方法。首先,深入研究了网络入侵检测与响应的整体框架;其次,提出了改进型朴素贝叶斯算法,引入了特征加权和条件概率平滑策略,以提高对入侵行为检测的准确性;最后,利用CIC-IDS2017数据集进行实验验证,并与传统朴素贝叶斯方法进行比较。实验结果表明,改进型朴素贝叶斯方法的多个指标均优于传统方法,充分证明了其在网络入侵检测中的有效性。

基于GA-SVM算法的无线局域网络入侵信号检测方法

常规的无线局域网络入侵信号检测节点多为独立式设定,检测效率较低,导致入侵信号检测误检率较高,为此提出对基于GA-SVM算法的无线局域网络入侵信号检测方法。该方法首先采用关联的方式进行入侵信号特征提取,提升检测效率,设置关联性检测节点,构建GA-SVM测算入侵信号检测模型,采用定位分离方法来实现信号检测处理。测试结果表明:针对选定的300个采样点进行信号入侵检测,对比于传统分布式光纤网络入侵信号检测组、传统FastICA测算网络入侵信号检测组,此次所设计的GA-SVM测算网络入侵信号检测组最终得出的入侵信号检测误检率被较好地控制在20%以下,说明基于GA-SVM算法的检测效果更佳,针对性更强,具有实际的应用价值。