An optimal feature based network intrusion detection system using bagging ensemble method for real-time traffic analysis

Multimedia Tools and Applications

Abstract

The enormous growth of cyber threats has become a calamitous issue in today’s technically advanced world where data and information play a crucial role in identifying patterns and automatic predictive analysis. Network packet analysis is a pivotal technique in cybersecurity to protect our network and computer from unauthorized access. A network intrusion detection system (NIDS) is a network packet monitoring tool that intently inspects all the incoming and outgoing packets passing through a network and recognizes malicious incidents. This paper proposes a novel NIDS using the decision tree-based Bagging ensemble method, where the NSL-KDD dataset has been used for experimental purposes. The optimal features from the mentioned dataset have been filtered through the application of the wrapper-based Moth Flame optimization (MFO) technique and the effectiveness of the selected features has been evaluated using various machine learning, deep learning, and ensemble learning frameworks. All the experiments have been conducted in accordance with both binary and multiclass categories. Exhaustive performance evaluation confirms that the proposed MFO-ENSEMBLE method achieves an 87.43% detection rate and incurs minimal time overhead amongst all classification techniques. Practical implementation of the proposed methodology in a custom-built real-time test-bed confirms both the novelty as well as the feasibility of this work.

Funding

This research received no external funding.

Author information

Corresponding author

Correspondence to Shibaprasad Sen.

Ethics declarations

Conflict of interest

Ratul Chowdhury, Shibaprasad Sen, Arindam Roy, and Banani Saha declare that they have no conflict of interest.

Additional information

Publisher’s note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

About this article

Cite this article

Chowdhury, R., Sen, S., Roy, A. et al. An optimal feature based network intrusion detection system using bagging ensemble method for real-time traffic analysis. Multimed Tools Appl 81, 41225–41247 (2022). https://doi.org/10.1007/s11042-022-12330-3

  • DOI: https://doi.org/10.1007/s11042-022-12330-3
