A Lightweight Anomaly Detection Model using SVM for WSNs in IoT through a Hybrid Feature Selection Algorithm based on GA and GWO

Document Type: Original Article


1 Department of Computer Engineering, Qom Branch, Islamic Azad University, Qom, Iran.

2 Faculty of electrical and computer engineering, Qom university of technology Qom, Iran.

3 Faculty of Electrical, Computer, and Biomedical Engineering, Shahabdanesh University.



As a result of an incredibly fast growth of the number and diversity of smart devices connectable to the internet, commonly through open wireless sensor networks (WSNs) in internet of things (IoT), the access of attackers to the network traffic in the form of intercepting, eavesdropping and rebroadcasting has become much easier. Anomaly or intrusion detection system (IDS) is an efficient security mechanism, however despite the maturity of anomaly detection technologies for wired networks, current technologies with high computational complexity are improper for resource-limited WSNs in IoT and they also fail to detect new WSN attacks. Furthermore, dealing with the huge amount of intrusion wireless traffic collected by sensors, causing slow detecting process, higher resource usage and inaccurate detection. Hence, considering WSN limitations for developing an IDS in IoT, establishes a significant challenge for security researchers. This paper proposes a new model to develop a support vector machine (SVM)-based lightweight IDS (LIDS) using combination concepts of genetic algorithm (GA) and mathematical equations of grey wolf optimizer (GWO) which is called GABGWO. The GABGWO through applying two new crossover and mutation operators tries to find the most relevant traffic features and eliminate worthless ones, in order to increase the performance of the LIDS. The performance of LIDS is evaluated using AWID real-world wireless dataset under two scenarios with and without using GABGWO. The results showed a promising behavior of the proposed GABGWO algorithm in choosing optimal traffics, decreasing the computational costs and providing high accuracies for LIDS. The hybrid algorithm is also compared to pure GA and GWO and other recent methods and it is found that its performance is better than them.


Main Subjects

[1] S. H. Jafier. Utilizing feature selection techniques in intrusion detection system for internet of things. In Proceedings of the 2nd International Conference on Future Networks and Distributed Systems, page 1–3, 2018. [ bib | DOI ]
[2] O. Flauzac, C. J. Gonzalez Santamaría, and F. Nolot. New security architecture for IoT network. Procedia Computer Science, 52:1028--1033, 2015. [ bib | DOI ]
[3] S. H. Jafier. Security issues and challenges for the IoT-based smart grid. In Proceedings of the 2nd International Conference on Future Networks and Distributed Systems, page 1–3, 2018. [ bib | DOI ]
[4] M. Sheikhan and H. Bostani. A hybrid intrusion detection architecture for internet of things. In 2016 8th International Symposium on Telecommunications (IST), pages 601--606. IEEE, 2017. [ bib | DOI ]
[5] A. Qureshi, H. L., J. Ahmad, and N. Mtetwa. A Heuristic Intrusion Detection System for Internet-of-Things (IoT). In Intelligent Computing - Proceedings of the Computing Conference, pages 86--98. Springer, Cham, 2019. [ bib | DOI ]
[6] Y. Xue, W. Jia, X. Zhao, and W. Pang. An evolutionary computation based feature selection method for intrusion detection. Security and Communication Networks, 2018, 2018. [ bib | DOI ]
[7] M. Alidoosti and A. Nowroozi. Cross layer-based intrusion detection based on network behavior for IoT. In Cross layer-based intrusion detection based on network behavior for IoT, pages 1--4. IEEE, 2018. [ bib | DOI ]
[8] A. A. Gendreau and M. Moorman. Survey of intrusion detection systems towards an end to end secure internet of things. In 2016 IEEE 4th international conference on future internet of things and cloud (FiCloud), pages 84--90. IEEE, 2016. [ bib | DOI ]
[9] M. Usha and P. Kavitha. Anomaly based intrusion detection for 802.11 networks with optimal features using SVM classifier. Wireless Networks, 23(8):2431–2446, 2017. [ bib | DOI ]
[10] H. M. Aldosari. A proposed security layer for the Internet of things communication reference model. Procedia Computer Science, 65:95--98, 2015. [ bib | DOI ]
[11] F. Restuccia, S. D’Oro, and T. Melodia. Securing the internet of things in the age of machine learning and software-defined networking. IEEE Internet of Things Journal, 5(6):4829 -- 4842, 2018. [ bib | DOI ]
[12] B. B. Zarpelão, R. S. Miani, C. T. Kawakani, and S. C. de Alvarenga. A survey of intrusion detection in Internet of Things. Journal of Network and Computer Applications, 84:25--37, 2017. [ bib | DOI ]
[13] F. Restuccia, S. D’Oro, and T. Melodia. A survey on Internet of Things architectures. Journal of King Saud University-Computer and Information Sciences, 30(3):291--319, 2018. [ bib | DOI ]
[14] D. M. Mendez, I. Papapanagiotou, and B. Yang. Internet of things: Survey on security and privacy. arXiv preprint arXiv:1707.01879, pages 291--319, 2017. [ bib | DOI ]
[15] L. Xiao, X. Wan, X. Lu, Y. Zhang, and D. Wu. IoT security techniques based on machine learning. arXiv preprint arXiv:1707.01879, 2018. [ bib ]
[16] H. Bostani and M. Sheikhan. Hybrid of anomaly-based and specification-based IDS for Internet of Things using unsupervised OPF based on MapReduce approach. Computer Communications, 98:52--71, 2017. [ bib | DOI ]
[17] A. A. Diro and N. Chilamkurti. Distributed attack detection scheme using deep learning approach for Internet of Things. Future Generation Computer Systems, 82:761--768, 2018. [ bib | DOI ]
[18] S. Aljawarneh, M. Aldwairi, and M. B. Yassein. Anomaly-based intrusion detection system through feature selection analysis and building hybrid efficient model. Journal of Computational Science, 25:152--160, 2018. [ bib | DOI ]
[19] D. Andročec and N. Vrček. Machine Learning for the Internet of Things Security: A Systematic Review. In 13th International Conference on Software Technologies, 2018. [ bib | DOI ]
[20] P. Tao, Z. Sun, and Z. Sun. An improved intrusion detection algorithm based on GA and SVM. IEEE Access, 6:13624 -- 13631, 2018. [ bib | DOI ]
[21] K Anusha and E. Sathiyamoorthy. Comparative study for feature selection algorithms in intrusion detection system. Automatic Control and Computer Sciences, 50:1–9, 2016. [ bib | DOI ]
[22] G. Chandrashekar and F. Sahin. A survey on feature selection methods. Computers & Electrical Engineering, 40(1):1, 2014. [ bib | DOI ]
[23] T. Hamed, R. Dara, and S. C. Kremer. Network intrusion detection system based on recursive feature addition and bigram technique. computers & security, 73:137--155, 2018. [ bib | DOI ]
[24] R. Sheikhpour, M. Sarram Agha, S. Gharaghani, and M. A. Z. Chahooki. A survey on semi-supervised feature selection methods. Pattern Recognition, 64:141--158, 2017. [ bib | DOI ]
[25] K. El-Khatib. Impact of feature reduction on the efficiency of wireless intrusion detection systems. IEEE Transactions on Parallel and Distributed Systems, 21(8):1143 -- 1149, 2009. [ bib | DOI ]
[26] B. Xue, M. Zhang, W. N. Browne, and X. Yao. A survey on evolutionary computation approaches to feature selection. IEEE Transactions on Parallel and Distributed Systems, 20(4):606 -- 626, 2015. [ bib | DOI ]
[27] E. Hancer, B. Xue, M. Zhang, D. Karaboga, and B. Akay. Pareto front feature selection based on artificial bee colony optimization. Information Sciences, 422:462--479, 2018. [ bib | DOI ]
[28] V. R. Balasaraswathi, M. Sugumaran, and Y. Hamid. Feature selection techniques for intrusion detection using non-bio-inspired and bio-inspired optimization algorithms. Journal of Communications and Information Networks, 2(4):107–119, 2017. [ bib | DOI ]
[29] H. Faris, I. Aljarah, M. A. Al-Betar, and S. Mirjalili. Grey wolf optimizer: a review of recent variants and applications. Neural computing and applications, 30(2):413–435, 2018. [ bib | DOI ]
[30] M. Črepinšek, S. Liu, and M. Mernik. Exploration and exploitation in evolutionary algorithms: A survey. ACM computing surveys (CSUR), 45(3):1--33, 2013. [ bib | DOI ]
[31] N. Singh and S.Singh. Hybrid algorithm of particle swarm optimization and grey wolf optimizer for improving convergence performance. Journal of Applied Mathematics, 2017, 2017. [ bib | DOI ]
[32] W. Siedlecki and J. Sklansky. A note on genetic algorithms for large-scale feature selection. In Handbook of pattern recognition and computer vision, pages 88--107. World Scientific, 1993. [ bib | DOI ]
[33] C. Tsai, W. Eberle, and C. Chu. Genetic algorithms in feature and instance selection. Knowledge-Based Systems, 39:240--247, 2013. [ bib | DOI ]
[34] M. M. Mafarja and S. Mirjalili. Hybrid Whale Optimization Algorithm with simulated annealing for feature selection. Neurocomputing, 260:302--312, 2017. [ bib | DOI ]
[35] M. A. Tawhid and K. B. Dsouza. Hybrid Binary Bat Enhanced Particle Swarm Optimization Algorithm for solving feature selection problems. Applied Computing and Informatics, 2018. [ bib | DOI ]
[36] M. Mafarja and S. Mirjalili. Whale optimization approaches for wrapper feature selection. Applied Soft Computing, 62:441--453, 2018. [ bib | DOI ]
[37] E. Emary, H. M. Zawbaa, and A. E. Hassanien. Binary grey wolf optimization approaches for feature selection. Neurocomputing, 172:371--381, 2016. [ bib | DOI ]
[38] E. Emary, H. M. Zawbaa, and A. E. Hassanien. Binary ant lion approaches for feature selection. Neurocomputing, 213:54--65, 2016. [ bib | DOI ]
[39] E. Emary, W. Yamany, A. E. Hassanien, and V. Snasel. Multi-objective gray-wolf optimization for attribute reduction. Procedia Computer Science, 65:623--632, 2015. [ bib | DOI ]
[40] E. Emary, H. M. Zawbaa, C. Grosan, and A. E. Hassenian. Feature subset selection approach by gray-wolf optimization. In Afro-European conference for industrial advancement, pages 1--13. Springer, 2015. [ bib | DOI ]
[41] Y. Zhang, X. Song, and D. Gong. A return-cost-based binary firefly algorithm for feature selection. Information Sciences, 418-419:561--574, 2017. [ bib | DOI ]
[42] Z. Yong, G. Dun-wei, and Z. Wan-qiu. Feature selection of unreliable data using an improved multi-objective PSO algorithm. Neurocomputing, 171:1281--1290, 2016. [ bib | DOI ]
[43] H. M. Zawbaa, E. Emary, and C. Grosan. Feature selection via chaotic antlion optimization. PloS one, 11(3), 2016. [ bib | DOI ]
[44] R. Sheikhpour, M. A. Sarram, and R. Sheikhpour. Particle swarm optimization for bandwidth determination and feature selection of kernel density estimation based classifiers in diagnosis of breast cancer. Applied Soft Computing, 40:113--131, 2016. [ bib | DOI ]
[45] M. G. Raman, N. Somu, K. Kirthivasan, R. Liscano, and V. S. Sriram. An efficient intrusion detection system based on hypergraph-Genetic algorithm for parameter optimization and feature selection in support vector machine. Knowledge-Based Systems, 134:1--12, 2017. [ bib | DOI ]
[46] B. Senthilnayaki, K. Venkatalakshmi, and A. Kannan. Intrusion detection using optimal genetic feature selection and SVM based classifier. In 2015 3rd International Conference on Signal Processing, Communication and Networking (ICSCN), pages 1--4. IEEE, 2015. [ bib | DOI ]
[47] I. Ahmad, M. Hussain, A. Alghamdi, and A. Alelaiwi. Enhancing SVM performance in intrusion detection using optimal feature subset selection based on genetic principal components. Neural computing and applications, 24(7-8):1671–1682, 2014. [ bib | DOI ]
[48] A. Dastanpour and R. A. R. Mahmood. Feature selection based on genetic algorithm and SupportVector machine for intrusion detection system. In The Second International Conference on Informatics Engineering & Information Science (ICIEIS2013), pages 169--181, 2013. [ bib | DOI ]
[49] A. Ferriyan, A. H. Thamrin, K. Takeda, and J. Murai. Feature selection using genetic algorithm to improve classification in network intrusion detection system. In 2017 International Electronics Symposium on Knowledge Creation and Intelligent Computing (IES-KCIC), pages 46--49. IEEE, 2017. [ bib | DOI ]
[50] C. Khammassi and S. Krichen. A GA-LR wrapper approach for feature selection in network intrusion detection. computers & security, 70:255--277, 2017. [ bib | DOI ]
[51] K. S. Desale and R. Ade. Genetic algorithm based feature selection approach for effective intrusion detection system. In 2015 International Conference on Computer Communication and Informatics (ICCCI), pages 1--6. IEEE, 2015. [ bib | DOI ]
[52] B. Senthilnayaki, K. Venkatalakshmi, and A. Kannan. An intelligent intrusion detection system using genetic based feature selection and Modified J48 decision tree classifier. In 2013 fifth international conference on advanced computing (ICoAC), pages 1--7. IEEE, 2013. [ bib | DOI ]
[53] S. S. S. Sindhu, S. Geetha, and A. Kannan. Decision tree based light weight intrusion detection using a wrapper approach. Expert Systems with applications, 39(1):129--141, 2012. [ bib | DOI ]
[54] Q. M. Alzubi, M. Anbar, Z. N. Alqattan, M. A. Al-Betar, and R. Abdullah. Intrusion detection system based on a modified binary grey wolf optimization. Neural Computing and Applications, 32:6125–6137, 2020. [ bib | DOI ]
[55] V. Sathish, P. Khader, and S. Abdul. Improved Detecting Host Based Intrusions Based On Hybrid SVM Using Grey Wolf Optimizer. International Journal Of Security and Its Applications, 11(9):59--72, 2017. [ bib | DOI ]
[56] D. Srivastava, R. Singh, and V. Singh. An Intelligent Gray Wolf Optimizer: A Nature Inspired Technique in Intrusion Detection System (IDS). Journal of Advancements in Robotics, 6(1):18--24, 2019. [ bib ]
[57] E. Devi and R. Suganthe. Enhanced transductive support vector machine classification with grey wolf optimizer cuckoo search optimization for intrusion detection system. Concurrency and Computation: Practice and Experience, 32(4), 2018. [ bib | DOI ]
[58] J. Seth Kumar and S. Chandra. Intrusion detection based on key feature selection using binary GWO. In 2016 3rd international conference on computing for sustainable global development (INDIACom), pages 3735--3740. IEEE, 2017. [ bib ]
[59] A. Davahli, M. Shamsi, and G. Abaei. Hybridizing genetic algorithm and grey wolf optimizer to advance an intelligent and lightweight intrusion detection system for IoT wireless networks. Journal of Ambient Intelligence and Humanized Computing, 2020. [ bib | DOI ]
[60] E. Devi and R. Suganthe. Feature selection in intrusion detection grey wolf optimizer. Asian Journal of Research in Social Sciences and Humanities, 7(3):671--682, 2017. [ bib | DOI ]
[61] M. Mazini, B. Shirazi, and I. Mahdavi. Anomaly network-based intrusion detection system using a reliable hybrid artificial bee colony and AdaBoost algorithms. Knowledge-Based Systems, 31(4):541--553, 2019. [ bib | DOI ]
[62] A. Qureshi, H. Larijani, N. Mtetwa, A. Javed, and J. Ahmad. RNN-ABC: A New Swarm Optimization Based Technique for Anomaly Detection. Computers, 8(3), 2019. [ bib | DOI ]
[63] J. Li, Z. Zhao, R. Li, and H. Zhang. AI-based Two-Stage Intrusion Detection for Software Defined IoT Networks. IEEE Internet of Things Journal, 6(2):2093 -- 2102, 2018. [ bib | DOI ]
[64] H. Bostani and M. Sheikhan. Hybrid of binary gravitational search algorithm and mutual information for feature selection in intrusion detection systems. Soft computing, 21(9):2307–2324, 2017. [ bib | DOI ]
[65] S. Kang and K. J. Kim. A feature selection approach to find optimal feature subsets for the network intrusion detection system. Cluster Computing, 19(1):325–333, 2016. [ bib | DOI ]
[66] S. M. H. Bamakan, H. Wang, T. Yingjie, and Y.Shi. An effective intrusion detection framework based on MCLP/SVM optimized by time-varying chaos particle swarm optimization. Neurocomputing, 199:90--102, 2016. [ bib | DOI ]
[67] A. S. Eesa, Z. Orman, and A. M. A. Brifcani. A novel feature-selection approach based on the cuttlefish optimization algorithm for intrusion detection systems. Expert Systems with Applications, 42(5):2670--2679, 2015. [ bib | DOI ]
[68] J. Holland. Adaptation in natural and artificial systems: an introductory analysis with applications to biology, control, and artificial intelligence. Control and artificial intelligence, 1975. [ bib ]
[69] J. H. Holland. Adaptation in natural and artificial systems: an introductory analysis with applications to biology, control, and artificial intelligence. MIT press, 1992. [ bib ]
[70] J. H. Holland. Genetic Algorithms, Scientific American. Scientific american, 267(1):66--73, 1992. [ bib | DOI ]
[71] S. Mirjalili, S. M. Mirjalili, and A. Lewis. Grey Wolf Optimizer. Advances in engineering software, 69:46--61, 2014. [ bib | DOI ]
[72] A. Kishor and P. K. Singh. Empirical study of grey wolf optimizer. In Proceedings of fifth international conference on soft computing for problem solving, pages 1037--1049. Springer, Singapore, 2016. [ bib | DOI ]
[73] M. A. Al-Betar, M. A. Awadallah, H. Faris, I. Aljarah, and A. I. Hammouri. Natural selection methods for grey wolf optimizer. Expert Systems with Applications, 113:481--498, 2018. [ bib | DOI ]
[74] E. A. Shams and A. Rizaner. A novel support vector machine based intrusion detection system for mobile ad hoc networks. Wireless Networks, 24(5):1821–1829, 2018. [ bib | DOI ]
[75] M. Al-Garadi, A. Mohamed, A. Al-Ali, X. Du, and M. Guizani. A survey of machine and deep learning methods for internet of things (IoT) security. arXiv preprint arXiv:1807.11023, 2018. [ bib | DOI ]
[76] P. Aggarwal and S. K. Sharma. Analysis of KDD dataset attributes-class wise for intrusion detection. Procedia Computer Science, 57:842--851, 2015. [ bib | DOI ]
[77] L. Dhanabal and S. Shantharajah. A study on NSL-KDD dataset for intrusion detection system based on classification algorithms. International Journal of Advanced Research in Computer and Communication Engineering, 4(6):446--452, 2015. [ bib | DOI ]
[78] M. Alidoosti and A. Nowroozi. A detailed analysis of the KDD CUP 99 data set. In 2009 IEEE symposium on computational intelligence for security and defense applications, pages 1--6. IEEE, 2009. [ bib | DOI ]
[79] C. Kolias, G. Kambourakis, A. Stavrou, and S. Gritzalis. Intrusion detection in 802.11 networks: empirical evaluation of threats and a public dataset. IEEE Communications Surveys & Tutorials, 18(1):184 -- 208, 2015. [ bib | DOI ]
[80] M. E. Aminanto, H. C. Tanuwidjaja, P. D. Yoo, and K. Kim. Wi-Fi intrusion detection using weighted-feature selection for neural networks classifier. In 2017 International Workshop on Big Data and Information Security (IWBIS), pages 99--104. IEEE, 2017. [ bib | DOI ]
[81] S. H. Jafier. Detecting impersonation attack in WiFi networks using deep learning approach. In International Workshop on Information Security Applications, pages 136--147. Springer, 2017. [ bib | DOI ]
[82] I. Witten, E. Frank, and M. Hall. Data Mining: Practical machine learning tools and techniques. Morgan Kaufmann, 2016. [ bib ]
[83] M. Alidoosti and A. Nowroozi. Weka: Practical machine learning tools and techniques with java implementations. In Proc ICONIP/ANZIIS/ANNES99 Future Directions for Intelligent Systems and Information Sciences, pages 192--196. Morgan Kaufmann, 1999. [ bib ]
[84] A. Eiben and S. Smit. Parameter tuning for configuring and analyzing evolutionary algorithms. Swarm and Evolutionary Computation, 1(1):19--31, 2011. [ bib | DOI ]
[85] Y. Xin, L. Kong, Z. Liu, Y. Chen, Y. Li, H. Zhu, M. Gao, H. Hou, and C. Wang. Machine learning and deep learning methods for cybersecurity. IEEE Access, 6:35365 -- 35381, 2018. [ bib | DOI ]

Volume 7, Issue 1
Winter and Spring 2020
Pages 63-79
  • Receive Date: 22 October 2019
  • Revise Date: 10 February 2020
  • Accept Date: 24 April 2020