Implementation of adaptive scheme in evolutionary technique for anomaly-based intrusion detection

Intrusion detection has become important to network security because of the increasing connectivity between computers and internet. Various Intrusion Detection Systems have been investigated to protect web or networks using several evolutionary methods and classification techniques. In this study, we propose a new technique by combining Ensemble of Feature Selection (EFS) and Adaptive Grasshopper Optimization Algorithm (AGOA) methods, called EFSAGOA which can help to identify the types of attack. In the proposed approach, initially, EFS method is applied to rank the attribute for selecting the high ranked subset of attributes. Then, AGOA is employed to determine important attributes from the reduced datasets that can contribute to predict the networks traffic behavior. Furthermore, adaptive behavior of GOA uses to decide whether a record represents an anomaly or not, differing from some approaches acquainted in the literature. AGOA uses the Support Vector Machine (SVM) as a fitness function to choose the extremely efficient features and to maximize the classification performance. In addition, it is also applied to optimize the penalty factor (C), kernel parameter ( σ ) , and tube size ( ϵ ) of SVM classifier. The performance of EFSAGOA has been evaluated on modern intrusion data as ISCX 2012. The experimental results demonstrate that the proposed method performs better and obtain high detection rate, accuracy, and low false alarm rate compared to other state-of-art techniques in ISCX 2012 data.