Karafan Journal

Karafan Journal

Improving Intrusion Detection Accuracy Using a Hybrid PCA-GWO and Deep Neural Network Approach

Document Type : Original Article

Authors
zahra Vakilzadeh 1
Zahra Heydaran Daroogheh Amnyieh 2
Iman Zabbah 3
Zeinab Binaie 4
1 Department of Computer Engineering, Torbat Heydariyeh University, Torbat Heydariyeh, Iran.
2 Department of Computer Engineering, Bushehr Branch, Islamic Azad University, Bushehr, Iran.
3 Department of Computer Engineering, Torbat Heydariyeh Branch, Islamic Azad University, Torbat Heydariyeh, Iran.
4 School of Mathemetics and Computer Science, Damghan University, Damghan, Iran.
10.48301/kssa.2025.476687.2997
Abstract
Computer networks play a vital role in communication and data exchange. However, with the expansion of these networks, the potential for cyber attacks and unauthorised access has also increased. In the real world, constant changes in traffic patterns and the emergence of new threats make the need for rapid and up-to-date training of intrusion detection models essential. Intrusions encompass illegal activities that compromise the integrity, confidentiality, and availability of organisational resources. As a critical component of network security, Intrusion Detection Systems (IDS) monitor for attacks that may go undetected by traditional firewalls. However, different types of attacks exhibit unique behaviours, and enhancing the detection of these attack types remains a significant challenge for intrusion detection models. In this research, we propose a deep learning method that incorporates dimensionality reduction and optimal feature selection. Initially, we apply Principal Component Analysis for dimensionality reduction. Subsequently, we utilize the Gray Wolf Optimisation (GWO) algorithm to select superior features. Finally, we extract key features to determine the presence of an attack and apply them to a deep Long Short-Term Memory (LSTM) network. The learning process is conducted using the NSL_KDD dataset. One of the key aspects of this research is the integration of PCA and GWO to extract the most relevant features while reducing dimensionality within the dataset. The results indicate that it is unnecessary to include all features in the learning model to detect attacks. By minimizing computational load and reducing the model's learning time, we also enhance the accuracy of attack detection.
Keywords
intrusion detection
deep learning
LSTM network
PCA
gray wolf algorithm
Subjects
[1] Aghdam, M.H. and P. Kabiri, Feature selection for intrusion detection system using ant colony optimization. Int. J. Netw. Secur., 2016. 18(3): (420–432).
[2] Amiri, F., et al., Mutual information-based feature selection for intrusion detection systems. Journal of network and computer applications, 2011. 34(4): (1184–1199).
[3]Horng, S.-J., et al., A novel intrusion detection system based on hierarchical clustering and support vector machines. Expert systems with Applications, 2011. 38(1): (306–313).
[4]Toosi, A.N. and M. Kahani, A new approach to intrusion detection based on an evolutionary soft computing model using neuro-fuzzy classifiers. Computer communications, 2007. 30(10): (2201–2212).
[5]Maroosi, A., et al., Improving Diagnosis of Breast Cancer Disease Using Adaptive Neuro-fuzzy Inference System. Karafan Journal, 2022. 19(3): (377–392).
[6]Yahalom, R., et al., Improving the effectiveness of intrusion detection systems for hierarchical data. Knowledge-Based Systems, 2019. 168: (59–69).
[7]Talaei Khoei, T. and N. Kaabouch, A comparative analysis of supervised and unsupervised models for detecting attacks on the intrusion detection systems. Information, 2023. 14(2): (103).
[8]Taher, K.A., B.M.Y. Jisan, and M.M. Rahman. Network intrusion detection using supervised machine learning technique with feature selection. in 2019 International conference on robotics, electrical and signal processing techniques (ICREST). 2019. IEEE.
[9]Li, Y., et al., An efficient intrusion detection system based on support vector machines and gradually feature removal method. Expert systems with applications, 2012. 39(1): (424–430).
[10]Wazirali, R., An improved intrusion detection system based on KNN hyperparameter tuning and cross-validation. Arabian Journal for Science and Engineering, 2020. 45(12): (10859–10873).
[11]Besharati, E., M. Naderan, and E. Namjoo, LR-HIDS: logistic regression host-based intrusion detection system for cloud environments. Journal of Ambient Intelligence and Humanized Computing, 2019. 10(9): (3669–3692).
[12]Azam, Z., M.M. Islam, and M.N. Huda, Comparative analysis of intrusion detection systems and machine learning-based model analysis through decision tree. Ieee Access, 2023. 11: (80348–80391).
[13]Maroosi, A., E. Zabbah, and H. Ataei Khabbaz, Network Intrusion Detection using a combination of artificial neural networks in a hierarchical manner. Electronic and Cyber Defense, 2020. 8(1): (89–99).
[14]Sun, P., et al., DL‐IDS: Extracting Features Using CNN‐LSTM Hybrid Network for Intrusion Detection System. Security and communication networks, 2020. 2020(1): 8890306.
[15]Hassan, M.M., et al., A hybrid deep learning model for efficient intrusion detection in big data environment. Information Sciences, 2020. 513: (386–396).
[16]Yin, C., et al., A deep learning approach for intrusion detection using recurrent neural networks. Ieee Access, 2017. 5: (21954–21961).
[17]Heidari, A., N.J. Navimipour, and M. Unal, A secure intrusion detection platform using blockchain and radial basis function neural networks for internet of drones. IEEE Internet of Things Journal, 2023. 10(10): (8445–8454).
[18]Vinayakumar, R., et al., Deep learning approach for intelligent intrusion detection system. IEEE access, 2019. 7: (41525–41550).
[19]Luo, J., et al., A novel intrusion detection method based on threshold modification using receiver operating characteristic curve. Concurrency and Computation: Practice and Experience, 2020. 32(14): (e5690).
[20]Choudhary, S. and N. Kesswani, Analysis of KDD-Cup’99, NSL-KDD and UNSW-NB15 datasets using deep learning in IoT. Procedia Computer Science, 2020. 167: (1561–1573).
[21]Arivudainambi, D., V.K. KA, and S. Sibi Chakkaravarthy, RETRACTED ARTICLE: LION IDS: A meta-heuristics approach to detect DDoS attacks against Software-Defined Networks. Neural Computing and Applications, 2019. 31(5):(1491–1501).
[22]Velliangiri, S. and H.M. Pandey, Fuzzy-Taylor-elephant herd optimization inspired Deep Belief Network for DDoS attack detection and comparison with state-of-the-arts algorithms. Future Generation Computer Systems, 2020. 110: (80–90).
[23]Wilson, A.J. and S. Giriprasad, A Feature Selection Algorithm for Intrusion Detection System Based On New Meta-Heuristic Optimization. Journal of Soft Computing and Engineering Applications, 2020. 1(1).
[24]Farnaaz, N. and M. Jabbar, Random forest modeling for network intrusion detection system. Procedia Computer Science, 2016. 89: (213–217).
[25]Khorram, T. and N.A. Baykan, Feature selection in network intrusion detection using metaheuristic algorithms. International Journal of Advanced Research, Ideas and Innovations in Technology, 2018. 4(4): (704–710).
[26]Roopak, M., G.Y. Tian, and J. Chambers. Deep learning models for cyber security in IoT networks. in 2019 IEEE 9th annual computing and communication workshop and conference (CCWC). 2019. IEEE.
[27]Khosravian, E., Design Optimal Adaptive Trajectory Tracking Control for Station Keeping and Attitude Control of Quadrotor Using Gray Wolf Optimization. Karafan Journal, 2022. 19(3): (663–694).
[28]Tavallaee, M., et al. A detailed analysis of the KDD CUP 99 data set. in 2009 IEEE symposium on computational intelligence for security and defense applications. 2009. Ieee.
[29]Zabbah, I., K. Layeghi, and R. Ebrahimpour, A Multi-level Deep Neural Network to Diagnose Coronavirus Disease with Imbalanced Data. 2024.
[30]Hochreiter, S. and J. Schmidhuber, Long short-term memory. Neural computation, 1997. 9(8): (1735–1780).
[31]Kuang, F., W. Xu, and S. Zhang, A novel hybrid KPCA and SVM with GA model for intrusion detection. Applied Soft Computing, 2014. 18: (178–184).
[32]Purushothaman, R., S. Rajagopalan, and G. Dhandapani, Hybridizing Gray Wolf Optimization (GWO) with Grasshopper Optimization Algorithm (GOA) for text feature selection and clustering. Applied Soft Computing, 2020. 96: (106651).
[33]Babagoli, M., Propose a meta-heuristic model of intrusion detection using feature selection based on improved gray wolf optimization and random forest. Signal and Data Processing, 2023. 20(1): (133–144).
[34]Faker, O. and E. Dogdu. Intrusion detection using big data and deep learning techniques. in Proceedings of the 2019 ACM Southeast conference. 2019.
[35]Akhlaghpour, M., Providing a Solution Based on Fuzzy Logic to Reduce False Positive Alarms in The Intrusion Detection System. Intelligent Multimedia Processing and Communication Systems (IMPCS), 2021. 2(4): (45–50).
[36]Netaj Salehdar, M.H., mproving the performance of intrusion detection systems using intelligent feature reduction algorithms, in The 13th International Conference of Iranian Operations Research Society, Shahrud,. 2019.
[37]Pham, N.T., et al. Improving performance of intrusion detection system using ensemble methods and feature selection. in Proceedings of the Australasian computer science week multiconference. 2018.
[38]Kilincer, I.F., F. Ertam, and A. Sengur, Machine learning methods for cyber security intrusion detection: Datasets and comparative study. Computer Networks, 2021. 188: (107840).
[39]Solhdar, M.N., Investigation of a new ensemble method of intrusion detection system on different data sets. Scientific Journal of Electronical & Cyber Defence, 2022. 10(3).
Karafan Journal
Volume 22, Issue 1
Technical and Engineering
Spring 2025
Pages 127-149

  • Receive Date 22 September 2024
  • Revise Date 10 November 2024
  • Accept Date 29 January 2025