Optimizing network security: Weighted average ensemble of BPNN and RELM in EPRN-WPS intrusion detection

Abstract

Intrusion Detection Systems (IDS) are crucial components of network security solutions designed to identify and reduce threats in real-time. The main function of IDS is to determine unauthorized access, anomalies, and misuse. When an anomaly is detected, the IDS alerts the network administrators or takes predefined actions to alleviate the threat. Several deep learning (DL) based techniques have been designed for effective IDS. Despite that, they face several complexities such as encrypted traffic, network complexity, less efficiency, and scalability issues. This research work designs a novel method named Ensemble Probability Regularized Network-based Waterwheel Plant Search (EPRN-WPS) algorithm for improving network security and integrity. The proposed framework integrates six phases namely, data collection, monitoring interval phase, alert preprocessing phase, alert scrubbing phase, alert correlation engine phase, and alert prioritization phase. For evaluation, the proposed framework deploys the input data from the Network Intrusion Detection Dataset (UNR-IDD). During, the monitor interval phase the model continuously monitored the network activities to generate more accurate alerts by deriving a diverse set of data over time. In the alert preprocessing phase, the relevant alerts are prioritized and unnecessary information is eliminated. Furthermore, the alert scrubbing phase is utilized to analyze and filter the alerts to reduce false positives and point out security threats. The potential threats by correlating alerts from various sources are identified in the alert correlation engine phase. For alert prioritization, the proposed technique EPRN-WPS combines a significance of Biased Probability Neural Network (BPNN), Regularized Extreme Learning Machine (RELM), and weighted average ensemble models and classifies the alerts into low, high, and medium. Moreover, the proposed framework implemented a Waterwheel plant optimization with an initial search strategy for optimizating the parameters thereby enhancing the effectiveness of the EPRN-WPS method. The proposed methodology achieves an accuracy of 98.9 %, a sensitivity of 97.2 %, a specificity of 97.7 %, an F1-score of 96.3 %, and a False Alarm Rate (FAR) of 1.4 %. The experimental results show the effectiveness of the proposed EPRN-WPS method in intrusion detection and it ensures the integrity of the network.