An intelligent intrusion detection system for distributed denial of service attacks: A support vector machine with hybrid optimization algorithm based approach

Abstract

SummaryCloud computing offers comfortable service to business sectors as they can concentrate on their products. Over the internet, cloud computing is liable to various security threats and attacks which is a primary obstacle to the growth of cloud computing services. Distributed denial of service (DDoS) is one such attack that exploits cloud computing services using compromised machines; hence, its detection is a significant field of research. Several DDoS detection schemes have been proposed in the past, but they fail to detect real‐time active DDoS attacks because of their growth in severity and volume. Machine learning (ML) techniques are efficient in making predictions; hence, in this study, a hybrid ML intrusion detection system (IDS) model is proposed. The performance of the proposed IDS model is improved by employing a 10‐fold cross‐validation technique to perform feature selection, reducing data dimensions on the publicly available benchmark NSL‐KDD dataset. Performance validation of the proposed hybrid IDS model is done using the confusion matrix. Support vector machine (SVM) parameters are fine‐tuned using hybrid Harris Hawks optimization (HHO) and particle swarm optimization (PSO) algorithms. The performance of these hybrid algorithms is compared with other classical algorithms such as C4.5, K‐nearest neighbor, and SVM using performance metrics such as precision, sensitivity, specificity, F1 score, and accuracy. From these comparisons, it can be inferred that the proposed SVM with hybrid optimization HHO‐PSO machine learning IDS model performs better DDoS detection with good performance metric values.