An adaptive detection framework based on artificial immune for IoT intrusion detection system

Abstract

Given the continual evolution of new network attack methodologies, defenders face the imperative of constantly upgrading security defenses. Current security technologies, albeit effective against known threats, often fall short in handling the intricacies of diverse and novel attacks. Artificial immunity-based network anomaly detection offers a promising avenue by dynamically adapting to evolving threats. However, prevailing algorithms in this domain suffer from low detection rates, limited adaptability, and extended detector generation times. This study aims to tackle these challenges by introducing a high-efficiency network anomaly detection framework, emphasizing both high-dimensional feature selection and adaptive detector generation. Our approach begins with an enhanced dual-module hybrid high-dimensional feature selection method, leveraging evolutionary principles. Furthermore, we introduce a self-sample clustering algorithm based on fuzzy clustering during the tolerance stage, enhancing detector tolerance efficiency. Additionally, an adaptive detector generation scheme is devised. It divides the non-boundary sub-population based on non-self differences and evolution, while employing the red fox optimization algorithm in the boundary region. This adaptive approach dynamically adjusts detector positions and radii to derive optimal detectors. Through comprehensive validation using well-established IoT and network anomaly datasets, our proposed artificial immunity-based IoT intrusion detection framework exhibits superior performance. It achieves higher classification accuracy and lower error rates compared to current state-of-the-art machine learning and artificial immunity algorithms.