Network anomaly detection in a controlled environment based on an enhanced PSOGSARFC

Network anomalies detection is a complementary technology for systems that detect security threats in networks based on package signatures. Controlled network environments have distinguished characteristics such as higher dimensionality, more robust regularity, and subtler fluctuation of its traffic that diminishes the performance of typical anomaly detection techniques comparable to that of a standard network. Previous research available recommends the optimization of methods to improve the accuracy rate of intrusion detection systems (IDS) with limitations of preserving vital data in the low-dimensional area and inconsistency in optimization goals resulting from decoupled model learning. Given the aforementioned challenge, this work proposes a new classification scheme based on an improved Particle Swarm Optimization algorithm, Gravitational Search Algorithm, and Random Forest classifier (PSOGSARFC). The PSOGSARFC is enhanced with a diversity enhancement strategy and used to optimize a random forest classifier in detecting anomalies in a controlled network environment using a benchmark dataset NSL-KDD & UNSW-NB15. Experimental results in light of the accuracy rates in anomaly detection confirm a better performance of 98.92% accuracy rate of the proposed classification scheme comparative to other related network anomaly detection schemes. (C) 2021 Elsevier Ltd. All rights reserved.