A crossover-integrated Marine Predator Algorithm for feature selection in intrusion detection systems within IoT environments

IF 6 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Internet of Things Pub Date : 2025-02-15 DOI:10.1016/j.iot.2025.101536

Sharif Naser Makhadmeh , Salam Fraihat , Mohammed Awad , Yousef Sanjalawe , Mohammed Azmi Al-Betar , Mohammed A. Awadallah

{"title":"A crossover-integrated Marine Predator Algorithm for feature selection in intrusion detection systems within IoT environments","authors":"Sharif Naser Makhadmeh , Salam Fraihat , Mohammed Awad , Yousef Sanjalawe , Mohammed Azmi Al-Betar , Mohammed A. Awadallah","doi":"10.1016/j.iot.2025.101536","DOIUrl":null,"url":null,"abstract":"<div><div>In recent times, there has been a significant rise in cyberattacks targeting the Internet of Things (IoT) and cyberspace in general. Detecting intrusions in a time series environment is a critical challenge for Network Intrusion Detection Systems (NIDS). Building an effective NIDS requires carefully establishing an efficient model, with machine learning (ML) playing a prominent role. The performance of ML models depends on selecting the most informative feature subset. Recently, metaheuristic (MH) optimization methods have been effective in identifying these key features. However, standard MH methods require adjustment to incorporate NIDS-specific knowledge for optimal results, improving both MH performance and ML accuracy. This paper introduces a novel NIDS framework based on three key phases: preprocessing, optimization, and generalization. In the preprocessing phase, several datasets undergo cleaning and under-sampling. In the optimization phase, an enhanced version of the Marine Predators Algorithm (MPA) is proposed, utilizing the crossover operator to identify the most relevant features. The proposed method is called MPAC. The crossover operator is utilized to boost the exploitation capabilities of the MPA and find the optimal local solution for the NIDS. Finally, the selected features are applied to the NIDS. Eight different datasets are employed for examination and evaluation using different evaluation measurements to assess the effectiveness of the proposed NIDS. The experimental evaluation is organized into three phases: evaluating the proposed crossover modification by applying it to five algorithms and comparing results to the originals, comparing the results of the proposed algorithms to prove the robust performance of the MPAC, and comparing the results obtained by the MPAC with the stat-of-the-arts. The proposed MPAC confirmed its demonstration and high performance in detecting network attacks, wherein in the first evaluation phase, the proposed approach obtained better results in almost 90% of the comparisons. In the second comparison phase, the proposed MPAC achieved better results in six datasets out of eight, and in the last phase, the MPAC outperforms all compared methods.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"31 ","pages":"Article 101536"},"PeriodicalIF":6.0000,"publicationDate":"2025-02-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Internet of Things","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2542660525000496","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

In recent times, there has been a significant rise in cyberattacks targeting the Internet of Things (IoT) and cyberspace in general. Detecting intrusions in a time series environment is a critical challenge for Network Intrusion Detection Systems (NIDS). Building an effective NIDS requires carefully establishing an efficient model, with machine learning (ML) playing a prominent role. The performance of ML models depends on selecting the most informative feature subset. Recently, metaheuristic (MH) optimization methods have been effective in identifying these key features. However, standard MH methods require adjustment to incorporate NIDS-specific knowledge for optimal results, improving both MH performance and ML accuracy. This paper introduces a novel NIDS framework based on three key phases: preprocessing, optimization, and generalization. In the preprocessing phase, several datasets undergo cleaning and under-sampling. In the optimization phase, an enhanced version of the Marine Predators Algorithm (MPA) is proposed, utilizing the crossover operator to identify the most relevant features. The proposed method is called MPAC. The crossover operator is utilized to boost the exploitation capabilities of the MPA and find the optimal local solution for the NIDS. Finally, the selected features are applied to the NIDS. Eight different datasets are employed for examination and evaluation using different evaluation measurements to assess the effectiveness of the proposed NIDS. The experimental evaluation is organized into three phases: evaluating the proposed crossover modification by applying it to five algorithms and comparing results to the originals, comparing the results of the proposed algorithms to prove the robust performance of the MPAC, and comparing the results obtained by the MPAC with the stat-of-the-arts. The proposed MPAC confirmed its demonstration and high performance in detecting network attacks, wherein in the first evaluation phase, the proposed approach obtained better results in almost 90% of the comparisons. In the second comparison phase, the proposed MPAC achieved better results in six datasets out of eight, and in the last phase, the MPAC outperforms all compared methods.

查看原文本刊更多论文

求助全文

约1分钟内获得全文求助全文

来源期刊

Internet of Things Multiple-

CiteScore

3.60

自引率

5.10%

发文量

115

审稿时长

37 days

期刊介绍： Internet of Things; Engineering Cyber Physical Human Systems is a comprehensive journal encouraging cross collaboration between researchers, engineers and practitioners in the field of IoT & Cyber Physical Human Systems. The journal offers a unique platform to exchange scientific information on the entire breadth of technology, science, and societal applications of the IoT. The journal will place a high priority on timely publication, and provide a home for high quality. Furthermore, IOT is interested in publishing topical Special Issues on any aspect of IOT.