HybGBS: A hybrid neural network and grey wolf optimizer for intrusion detection in a cloud computing environment

Abstract

SummaryThe cloud computing environment is subject to unprecedented cyber‐attacks as its infrastructure and protocols may contain vulnerabilities and bugs. Among these, Distributed Denial of Service (DDoS) is chosen by most cyber extortionists, creating unusual traffic that drains cloud resources, making them inaccessible to customers and end users. Hence, security solutions to combat this attack are in high demand. The existing DDoS detection techniques in literature have many drawbacks, such as overfitting, delay in detection, low detection accuracy for attacks that target multiple victims, and high False Positive Rate (FPR). In this proposed study, an Artificial Neural Network (ANN) based hybrid GBS (Grey Wolf Optimizer (GWO) + Back Propagation Network (BPN) + Self Organizing Map (SOM)) Intrusion Detection System (IDS) is proposed for intrusion detection in the cloud computing environment. The base classifier, BPN, was chosen for our research after evaluating the performance of a comprehensive set of neural network algorithms on the standard benchmark UNSW‐NS 15 dataset. BPN intrusion detection performance is further enhanced by combining it with SOM and GWO. Hybrid Feature Selection (FS) is made using a correlation‐based approach and Stratified 10‐fold cross‐validation (STCV) ranking based on Weight matrix value (W). These selected features are further fine‐tuned using metaheuristic GWO hyperparameter tuning based on a fitness function. The proposed IDS technique is validated using the standard benchmark UNSW‐NS 15 dataset, which consists of 1,75,341 and 82,332 attack cases in the training and testing datasets. This study's findings demonstrate that the proposed ANN‐based hybrid GBS IDS model outperforms other existing IDS models with a higher intrusion detection accuracy of 99.40%, fewer false alarms (0.00389), less error rate (0.001), and faster prediction time (0.29 ns).