Building an efficient intrusion detection system using grasshopper optimization algorithm for anomaly detection

Intrusion detection is one of the most crucial activities for security infrastructures in network environments, and it is widely used to detect, identify and track malicious threats. A common approach in intrusion detection systems (IDSs) specifically in anomaly detection is evolutionary algorithm that works as intrusion detector. Still, it has been challenging to design a precise and reliable IDS to determine security threats due to the large capacity of network data which contains redundant and irrelevant features. It does not only decrease the process of classification but also prevents a classifier from making precise decisions. To increase the accuracy and reduce the false alarm rate, in this study integration of ensemble feature selection (EFS) and grasshopper optimization algorithm (GOA), called EFSGOA is developed. Firstly, EFS method is applied to rank the features for selecting the top subset of relevant features. Afterward, GOA is utilized to identify significant features from the obtained reduced features set produced by EFS technique that can contribute to determine the type of attack. Furthermore, GOA utilizes support vector machine (SVM) as a fitness function to obtain the noteworthy features and to optimize penalty factor, kernel parameter, and tube size parameters of SVM for maximizing the classification performance. The experimental results demonstrate that EFSGOA method has performed better and obtained high detection rate of 99.69%, accuracy of 99.98% and low false alarm rate of 0.07 in NSL-KDD and high detection rate of 99.26%, accuracy of 99.89% and low false alarm rate of 0.097 in KDD Cup 99 data. Moreover, the proposed method has succeeded in achieving higher performance compared to other state-of-art techniques in terms of accuracy, detection rate, false alarm rate, and CPU time.