
Hybrid evolutionary machine learning model for advanced intrusion detection architecture for cyber threat identification

Bibliographic Details
Published in: PloS one 2024-09, Vol.19 (9), p.e0308206
Main Authors: Sharma, Ankita; Rani, Shalli; Driss, Maha
Format: Article
Language: English
Description
Summary: In response to the rapidly evolving threat landscape in network security, this paper proposes an Evolutionary Machine Learning Algorithm designed for robust intrusion detection. We specifically address challenges such as adaptability to new threats and scalability across diverse network environments. Our approach is validated using two distinct datasets: BoT-IoT, reflecting a range of IoT-specific attacks, and UNSW-NB15, offering a broader context of network intrusion scenarios, using a GA-based hybrid DT-SVM. This selection facilitates a comprehensive evaluation of the algorithm's effectiveness across varying attack vectors. Performance metrics including accuracy, recall, and false positive rates are meticulously chosen to demonstrate the algorithm's capability to accurately identify and adapt to both known and novel threats, thereby substantiating the algorithm's potential as a scalable and adaptable security solution. This study aims to advance the development of intrusion detection systems that are not only reactive but also preemptively adaptive to emerging cyber threats. During the feature selection step, a GA is used to discover and preserve the most relevant characteristics from the dataset by using evolutionary principles. Through the use of this technology based on genetic algorithms, the subset of features is optimised, enabling the subsequent classification model to focus on the most relevant components of network data. In order to accomplish this, DT-SVM classification and GA-driven feature selection are integrated in an effort to strike a balance between efficiency and accuracy. The system has been purposefully designed to efficiently handle data streams in real-time, ensuring that intrusions are promptly and precisely detected. The empirical results corroborate the study's assertion that the IDS outperforms traditional methodologies.
ISSN: 1932-6203
DOI: 10.1371/journal.pone.0308206