<p>As cyberattacks grow increasingly sophisticated and diverse, securing modern networks requires advanced detection techniques capable of identifying both known and novel threats. This article shows a new hybrid framework for finding intrusions. It combines artificial bee colonies for optimization, principal component analysis for feature reduction, clustering for normalized feature extraction, and gradient boosting machines for classification. The proposed method achieves superior performance across multiple datasets, including KDD ‘99, NSL-KDD, CICIoT2023, N-BaIoT, and UNSW-NB15. It consistently outperforms existing methods, achieving detection accuracies of 99.53% on KDD ‘99, 99.85% on NSL-KDD, 99.32% on CICIoT2023, 99.1% on N-BaIoT, and 99.25% on UNSW-NB15. The method also demonstrates high sensitivity (up to 99.8%) and specificity (up to 99.8%), highlighting its effectiveness in minimizing false positives and capturing diverse attack patterns. By optimizing feature selection and model parameters simultaneously, the framework adapts well to complex network environments while maintaining computational efficiency.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

A hybrid approach for network intrusion detection using artificial bee colony optimization and ensemble learning

  • Nermin Akoul,
  • Ali Ahmad Ahmad,
  • Sadek Pro

摘要

As cyberattacks grow increasingly sophisticated and diverse, securing modern networks requires advanced detection techniques capable of identifying both known and novel threats. This article shows a new hybrid framework for finding intrusions. It combines artificial bee colonies for optimization, principal component analysis for feature reduction, clustering for normalized feature extraction, and gradient boosting machines for classification. The proposed method achieves superior performance across multiple datasets, including KDD ‘99, NSL-KDD, CICIoT2023, N-BaIoT, and UNSW-NB15. It consistently outperforms existing methods, achieving detection accuracies of 99.53% on KDD ‘99, 99.85% on NSL-KDD, 99.32% on CICIoT2023, 99.1% on N-BaIoT, and 99.25% on UNSW-NB15. The method also demonstrates high sensitivity (up to 99.8%) and specificity (up to 99.8%), highlighting its effectiveness in minimizing false positives and capturing diverse attack patterns. By optimizing feature selection and model parameters simultaneously, the framework adapts well to complex network environments while maintaining computational efficiency.