A fast learning network with improved particle swarm optimization for intrusion detection system

In current days the intrusion detection systems (IDS) have several shortcomings such as high rates of false positive alerts, low detection rates of rare but dangerous attacks, and the need for a constant human intervention and tuning. Daily, there are reports of incidents such as major ex-filtration...

Full description

Saved in:
Bibliographic Details
Main Author: Ali, Mohammed Hasan
Format: Thesis
Language:English
Published: 2019
Subjects:
Online Access:http://umpir.ump.edu.my/id/eprint/29922/1/A%20fast%20learning%20network%20with%20improved%20particle%20swarm%20optimization%20for%20intrusion%20detection%20system.wm.pdf
http://umpir.ump.edu.my/id/eprint/29922/
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Universiti Malaysia Pahang
Language: English
Description
Summary:In current days the intrusion detection systems (IDS) have several shortcomings such as high rates of false positive alerts, low detection rates of rare but dangerous attacks, and the need for a constant human intervention and tuning. Daily, there are reports of incidents such as major ex-filtration of data for the purposes of stealing identities, credit card numbers, and intellectual properties, as well as to take control of network resources. Machine learning approaches have been widely used to increase the effectiveness of intrusion detection platforms. While some machine learning techniques are effective at detecting certain types of attacks, there are no known methods that can be applied universally and achieve consistent results for multiple attack types. This situation makes the detection of cyber-based attacks on computer networks a relevant and challenging area of research. The Fast Learning Network (FLN) is one of the new machine learning algorithms that are easy to implement, computationally efficient, and with excellent learning performance characteristics. However, the internal power parameters (weight and basis) of FLN are initialized at random, causing the algorithm to be unstable. In this work, a new cooperative multi-swarm scheme called multi-swarmoptimization (MRPSO) which is inspired by the human social behavior was proposed for the interaction of several PSO groups while searching for the best parameters values of PSO. The focus of this research is on the development of a model that can optimize the initial parameters of FLN based on MRPSO to obtain an optimal set of initial parameters for FLN, thus, creating an optimal FLN classifier named as MRPSO-FLN which can improve the efficacy of network intrusion on data sets that contain instances of multiple classes of attacks. These methods were tested on NSL-KDD intrusiondetection datasets and the results indicate that the proposed approaches used in the system performed well in large dataset processing. In these experiments, it was demonstrated that the FLN optimization method achieved 0.9964 which is a higher accuracy than most of the existing paradigms for classifying network intrusion detection data.