An Efficient Hybrid Evolutionary Approach for Identification of Zero-Day Attacks on Wired/Wireless Network System

Abstract

Attacks from network applications establish considerable security threats for computer networks and end users. Existing cyber-attack detection methods are designed primarily in signature-based approaches that can not recognize zero-day vulnerabilities. In addition, with the minimum availability of network attack data in the real world, the effectiveness of such approaches is even more limited. Today, in network security, an Intrusion Detection System (IDS) plays an important role in detecting intrusive activity. To address the existing challenges, we propose an architectural scheme through an evolutionary hybrid algorithm that incorporates Teaching Learning based optimization (TLBO) and Simulated Annealing (SA), called TLBOSA for IDS that extracts the most notable characteristics and eliminates the irrelevant from the high-dimensional data sets. In the proposed method, SA is integrated into the TLBO, while using it to increase the quality of the solution after each iteration of the TLBO algorithm. Support Vector Machine (SVM) is used as a fitness function in the proposed method to select the relevant attributes that can help classify the attacks accurately. For performance verification, the proposed method is used in two large datasets, such as NSL-KDD and UNSW-NB15. The empirical evaluations show that our approach outperforms the existing state-of-the-art algorithms in terms of detection rate, accuracy and false alarm rates on both NSL-KDD and UNSWNB15 data.