A homogeneous ensemble based dynamic artificial neural network for solving the intrusion detection problem

Network security is a mechanism of protecting the usability and integrity of any given network and its transmitted data. Network security's effectiveness is crucial to the network environment to ensure it is free from any threat, especially in the critical infrastructure (CI). The supervisory control and data acquisition systems in the CI are getting more connected to the internet, putting them in serious security concerns. Any malicious attack against these systems could cause considerable human, economic, and material damages. Thus, it leads to the emergence of the intrusion detection system (IDS). Theoretically, a modern IDS must handle a large amount of data with high accuracy. Ensemble-based, hybrid-based methods and their distinguished applications are a promising way to solve these issues. The efficiency of the IDS is mainly dependent on the selected data features and the used classification method. The artificial neural network (ANN) has been applied in various fields, but it requires adjustment on few parameters to work effectively. This study proposes a homogeneous ensemble based on single-class dynamic ANN (HOE-DANN). Each dynamic ANN (DANN) is optimized by a filter-wrapper method using a modified discrete cuttlefish algorithm based on rough set theory, and a migration-strategy based cuttlefish algorithm. Both algorithms simultaneously optimize the features, ANN structure, weights, and biases for creating the DANN. However, the threshold value of the ensemble model was set using the hill-climbing algorithm. The experiments were applied to well-known benchmark datasets, namely the KDD99, UNSW-NB15, and gas pipeline data logs (GPDL). The results show that the HOE-DANN outperforms the single model based on the DANN. Additionally, a comparison with several state-of-the-art methods has shown that the proposed method offers superior performance in terms of the detection rate (DR), false alarm rate (FAR), and classification accuracy (ACC). The HOE-DANN model was able to achieve DR of 97.47%, FAR of 2.25%, and ACC of 97.52% using the KDD99 dataset, DR of 99.93%, FAR of 13.13%, and ACC of 94.08% using the UNSW-NB15 dataset, and DR of 98.08%, FAR of 2.69%, and ACC of 94.50% using the GPDL dataset. (c) 2021 Elsevier B.V. All rights reserved.