Volume 16, Issue 1, pp. 01-14, 2025 | Full Length Article
Mohammed B. Al-Doori 1*, Khattab M. Ali Alheeti 2
Doi: https://doi.org/10.54216/JCIM.160101
In this research, we investigate sophisticated methods for Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS), leveraging AI-based feature optimization and diverse machine learning strategies to bolster network intrusion detection and prevention. The study primarily utilizes the NSL-KDD dataset, an enhanced version of the KDD Cup 1999 dataset, chosen for its realistic portrayal of various attack types and for addressing the shortcomings of the original dataset. The methodology includes AI-based feature optimization using Particle Swarm Optimization and Genetic Algorithm, focusing on maximizing information gain and entropy. This is integrated with the use of Random Forest (RF) to reduce class overlapping, further enhanced by boosting techniques. Grey Wolves Optimization (GWO) is used alongside Random Forest. This innovative approach, inspired by grey wolf hunting strategies, is employed for classification tasks on the NSL-KDD dataset. The performance metrics for each intrusion class are meticulously evaluated, revealing that the GWO-RF combination achieves an accuracy of 0.94, precision of 0.95, recall of 0.93, and an F1 score of 0.94.
Intrusion Detection System, Intrusion Prevention System, Cloud Computing, Anomaly Detection, Deep learning, Software Defined Network