Enhancing Intrusion Detection System Performance Using a Hybrid of Harris Hawks and Whale Optimization Algorithms
Received: 11 March 2025 | Revised: 5 April 2025 and 20 April 2025 | Accepted: 23 April 2025 | Online: 2 August 2025
Corresponding author: Mosleh M. Abualhaj
Abstract
Intrusion Detection and Prevention Systems (IDPSs) play a crucial role in safeguarding online connections against unauthorized access and malicious activities. To enable efficient and effective detection and mitigation, IDPSs must continuously improve their performance due to the constantly developing nature of cyber threats. However, an IDPS is more difficult to use and less reliable when it deals with huge amounts of data. This study aimed to improve the performance of IDPSs by employing optimization algorithms to reduce the data size. Particularly, the Harris Hawks Optimization (HHO) and Whale Optimization Algorithm (WOA) were combined for feature selection. The experimental results showed that the performance of the proposed IDPS was greatly improved by combining the HHO and WOA algorithms. Combining a Random Forest classifier with the suggested HHO/WOA feature selection method achieved very high results in accuracy (99.17%), recall (98.76%), precision (98.76%), and F1-score (98.43%).
Keywords:
feature selection, Harris hawks optimization algorithm, intrusion detection, machine learning, whale optimization algorithmDownloads
References
"Global cybercrime estimated cost 2029," Statista. https://www.statista.com/forecasts/1280009/cost-cybercrime-worldwide.
H. Al-Mimi, N. A. Hamad, and M. M. Abualhaj, "A Model for the Disclosure of Probe Attacks Based on the Utilization of Machine Learning Algorithms," in 2023 10th International Conference on Electrical and Electronics Engineering (ICEEE), Istanbul, Turkiye, May 2023, pp. 241–247. DOI: https://doi.org/10.1109/ICEEE59925.2023.00051
M. M. Abualhaj, A. A. Abu-Shareha, M. O. Hiari, Y. Alrabanah, M. Al-Zyoud, and M. A. Alsharaiah, "A Paradigm for DoS Attack Disclosure using Machine Learning Techniques," International Journal of Advanced Computer Science and Applications, vol. 13, no. 3, 2022. DOI: https://doi.org/10.14569/IJACSA.2022.0130325
M. Ren, W. Zhang, S. Kong, D. Zhou, D. Li, and Y. Tian, "Research on abnormal traffic diagnosis based on deployment mode of firewall," in 2020 IEEE 9th Joint International Information Technology and Artificial Intelligence Conference (ITAIC), Chongqing, China, Dec. 2020, pp. 2286–2291. DOI: https://doi.org/10.1109/ITAIC49862.2020.9339189
Z. S. Malek, B. Trivedi, and A. Shah, "User behavior Pattern -Signature based Intrusion Detection," in 2020 Fourth World Conference on Smart Trends in Systems, Security and Sustainability (WorldS4), London, UK, Jul. 2020, pp. 549–552. DOI: https://doi.org/10.1109/WorldS450073.2020.9210368
A. Grzech, "Intelligent Distributed Intrusion Detection Systems of Computer Communication Systems," in 2009 First Asian Conference on Intelligent Information and Database Systems, Dong hoi, Quang binh, Vietnam, Apr. 2009, pp. 1–6. DOI: https://doi.org/10.1109/ACIIDS.2009.87
P. Widulinski and K. Wawryn, "A Study of Detection Probabilities and Real-World Testing of a Human Immunity Inspired Intrusion Detection System," in 2021 28th International Conference on Mixed Design of Integrated Circuits and System, Lodz, Poland, Jun. 2021, pp. 261–264. DOI: https://doi.org/10.23919/MIXDES52406.2021.9497536
R. Kaur and N. Gupta, "Network intrusion detection using meta-heuristic feature selection and cost-sensitive learning," International Journal of Internet Technology and Secured Transactions, vol. 13, no. 2, 2023, Art. no. 105. DOI: https://doi.org/10.1504/IJITST.2023.129572
G. Yedukondalu, G. H. Bindu, J. Pavan, G. Venkatesh, and A. SaiTeja, "Intrusion Detection System Framework Using Machine Learning," in 2021 Third International Conference on Inventive Research in Computing Applications (ICIRCA), Coimbatore, India, Sep. 2021, pp. 1224–1230. DOI: https://doi.org/10.1109/ICIRCA51532.2021.9544717
J. A. Abraham and V. R. Bindu, "Intrusion Detection and Prevention in Networks Using Machine Learning and Deep Learning Approaches: A Review," in 2021 International Conference on Advancements in Electrical, Electronics, Communication, Computing and Automation (ICAECA), Coimbatore, India, Oct. 2021, pp. 1–4. DOI: https://doi.org/10.1109/ICAECA52838.2021.9675595
H. Mendes, S. E. Quincozes, and V. E. Quincozes, "A Web User Interface Tool for Metaheuristics-Based Feature Selection Assessment for IDSs," in 2022 6th Cyber Security in Networking Conference (CSNet), Rio de Janeiro, Brazil, Oct. 2022, pp. 1–5. DOI: https://doi.org/10.1109/CSNet56116.2022.9955616
A. Almomani, "Ensemble-Based Approach for Efficient Intrusion Detection in Network Traffic," Intelligent Automation & Soft Computing, vol. 37, no. 2, pp. 2499–2517, 2023. DOI: https://doi.org/10.32604/iasc.2023.039687
S. M. Kasongo and Y. Sun, "Performance Analysis of Intrusion Detection Systems Using a Feature Selection Method on the UNSW-NB15 Dataset," Journal of Big Data, vol. 7, no. 1, p. 105, Nov. 2020. DOI: https://doi.org/10.1186/s40537-020-00379-6
M. Alazab, R. Abu Khurma, P. A. Castillo, B. Abu-Salih, A. Martín, and D. Camacho, "An effective networks intrusion detection approach based on hybrid Harris Hawks and multi-layer perceptron," Egyptian Informatics Journal, vol. 25, Mar. 2024, Art. no. 100423. DOI: https://doi.org/10.1016/j.eij.2023.100423
Y. Xiao, C. Kang, H. Yu, T. Fan, and H. Zhang, "Anomalous Network Traffic Detection Method Based on an Elevated Harris Hawks Optimization Method and Gated Recurrent Unit Classifier," Sensors, vol. 22, no. 19, Jan. 2022, Art. no. 7548. DOI: https://doi.org/10.3390/s22197548
A. Kim, M. Park, and D. H. Lee, "AI-IDS: Application of Deep Learning to Real-Time Web Intrusion Detection," IEEE Access, vol. 8, pp. 70245–70261, 2020. DOI: https://doi.org/10.1109/ACCESS.2020.2986882
Z. Chkirbene, A. Erbad, R. Hamila, A. Mohamed, M. Guizani, and M. Hamdi, "TIDCS: A Dynamic Intrusion Detection and Classification System Based Feature Selection," IEEE Access, vol. 8, pp. 95864–95877, 2020. DOI: https://doi.org/10.1109/ACCESS.2020.2994931
P. S. Deshpande, S. R. Jondhale, M. D. Jakhete, and S. A. Panwar, "Double Particle Swarm Optimization based Ensemble ML Technique for detecting the intrusion in Networks," Bulletin of Environment, Pharmacology and Life Sciences, no. special issue 1, pp. 915–923, 2022.
S. Sumathi and R. Rajesh, "A Dynamic BPN-MLP Neural Network DDoS Detection Model Using Hybrid Swarm Intelligent Framework," Indian Journal Of Science And Technology, vol. 16, no. 43, pp. 3890–3904, Nov. 2023. DOI: https://doi.org/10.17485/IJST/v16i43.1718
A. A. Othman, T. M. Hasan, and S. O. Hasoon, "Impact of Dimensionality Reduction on The Accuracy of Data Classification," in 2020 3rd International Conference on Engineering Technology and its Applications (IICETA), Najaf, Iraq, Sep. 2020, pp. 128–133. DOI: https://doi.org/10.1109/IICETA50496.2020.9318955
Ü. Çavuşoğlu, "A new hybrid approach for intrusion detection using machine learning methods," Applied Intelligence, vol. 49, no. 7, pp. 2735–2761, Jul. 2019. DOI: https://doi.org/10.1007/s10489-018-01408-x
M. Tavallaee, E. Bagheri, W. Lu, and A. A. Ghorbani, "A detailed analysis of the KDD CUP 99 data set," in 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications, Ottawa, ON, Canada, Jul. 2009, pp. 1–6. DOI: https://doi.org/10.1109/CISDA.2009.5356528
A. H. Efat et al., "Inquisition of The Support Vector Machine Classifier in Association with Hyper-parameter Tuning: A Disease Prognostication Model," in 2022 4th International Conference on Electrical, Computer & Telecommunication Engineering (ICECTE), Rajshahi, Bangladesh, Dec. 2022, pp. 131–134. DOI: https://doi.org/10.1109/ICECTE57896.2022.10114543
C. Liu, Z. Gu, and J. Wang, "A Hybrid Intrusion Detection System Based on Scalable K-Means+ Random Forest and Deep Learning," IEEE Access, vol. 9, pp. 75729–75740, 2021. DOI: https://doi.org/10.1109/ACCESS.2021.3082147
R. Wazirali, "An Improved Intrusion Detection System Based on KNN Hyperparameter Tuning and Cross-Validation," Arabian Journal for Science and Engineering, vol. 45, no. 12, pp. 10859–10873, Dec. 2020. DOI: https://doi.org/10.1007/s13369-020-04907-7
T. Markovic, M. Leon, D. Buffoni, and S. Punnekkat, "Random Forest Based on Federated Learning for Intrusion Detection," in Artificial Intelligence Applications and Innovations, 2022, pp. 132–144. DOI: https://doi.org/10.1007/978-3-031-08333-4_11
A. K. Balyan et al., "A Hybrid Intrusion Detection Model Using EGA-PSO and Improved Random Forest Method," Sensors, vol. 22, no. 16, Jan. 2022, Art. no. 5986. DOI: https://doi.org/10.3390/s22165986
A. Pathak and S. Pathak, "Study on Decision Tree and KNN Algorithm for Intrusion Detection System," International Journal of Engineering Research and, vol. V9, no. 05, May 2020, Art. no. IJERTV9IS050303. DOI: https://doi.org/10.17577/IJERTV9IS050303
M. Mohammadi et al., "A comprehensive survey and taxonomy of the SVM-based intrusion detection systems," Journal of Network and Computer Applications, vol. 178, Mar. 2021, Art. no. 102983. DOI: https://doi.org/10.1016/j.jnca.2021.102983
B. S. Bhati and C. S. Rai, "Analysis of Support Vector Machine-based Intrusion Detection Techniques," Arabian Journal for Science and Engineering, vol. 45, no. 4, pp. 2371–2383, Apr. 2020. DOI: https://doi.org/10.1007/s13369-019-03970-z
B. D. Shivahare, M. Singh, A. Gupta, S. Ranjan, D. Pareta, and B. M. Sahu, "Survey Paper: Whale optimization algorithm and its variant applications," in 2021 International Conference on Innovative Practices in Technology and Management (ICIPTM), Noida, India, Feb. 2021, pp. 77–82. DOI: https://doi.org/10.1109/ICIPTM52218.2021.9388344
H. M. Al-Mimi, N. A. Hamad, M. M. Abualhaj, S. N. Al-Khatib, and M. O. Hiari, "Improved intrusion detection system to alleviate attacks on DNS service," Journal of Computer Science, vol. 19, no. 12, pp. 1549–1560, 2023. DOI: https://doi.org/10.3844/jcssp.2023.1549.1560
R. Basfar, M. Y. Dahab, A. M. Ali, F. Eassa, and K. Bajunaied, "Enhanced Intrusion Detection in Software-Defined Networking using Advanced Feature Selection: The EMRMR Approach," Engineering, Technology & Applied Science Research, vol. 14, no. 6, pp. 19001–19008, Dec. 2024, https://doi.org/10.48084/etasr.9256. DOI: https://doi.org/10.48084/etasr.9256
O. Almomani, A. Alsaaidah, A. A. Abu-Shareha, A. Alzaqebah, M. A. Almaiah, and Q. Shambour, "Enhance URL Defacement Attack Detection Using Particle Swarm Optimization and Machine Learning," Journal of Computational and Cognitive Engineering, Feb. 2025. DOI: https://doi.org/10.47852/bonviewJCCE52024668
Downloads
How to Cite
License
Copyright (c) 2025 Mosleh M. Abualhaj, Sumaya N. Al-Khatib, Mahran Al Zyoud, Iyas Qaddara, Mohammed Anbar
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors who publish with this journal agree to the following terms:
- Authors retain the copyright and grant the journal the right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) after its publication in ETASR with an acknowledgement of its initial publication in this journal.
