A Fast-Optimizing and Adaptable Intrusion Detection System Based on Progressively Optimized Support Vector Machines

Computer networking technologies play a crucial role in daily activities. However, they pose significant security challenges, and deploying cybersecurity systems to protect sensitive data is vital. A fast-optimizing and adaptable system can quickly learn new cyberattacks and adapt to ever-changing threats. Recent research has shown that the feature selection integrated classifier optimization algorithm (FSCOA) is promising for intrusion detection systems (IDS); however, its exhaustive search-based classifier optimization is time-consuming. To overcome this drawback, the present study proposes a new optimization framework, namely the Progressive Classifier Optimization Algorithm (PCOA), to enhance FSCOA in terms of time efficiency and develop fast-optimizing support vector machines (SVM). The proposed method was evaluated on five modern intrusion detection datasets. In addition, 15 intrusion detection datasets with various difficulty levels were extracted for model evaluation. For a realistic performance analysis, bias issues, the most critical metrics, and time complexity analyses were considered. The proposed algorithm led to the classification performance above 99% with below 1% false alarm rates of SVM for most datasets. Experimental results showed that PCOA's classification performance is comparable to FSCOA, with approximately five times less time complexity. PCOA-optimized SVM performs similarly to other methods from the literature, such as random forest and deep learning algorithms. In conclusion, this study proposes a fast-optimizing IDS that can be frequently updated to protect various networking setups from ever-changing cyber-attacks using limited-capacity computing devices. Additionally, essential insights into feature selection and classifier optimization for intrusion detection are provided in this study.