Next Article in Journal
A Beamforming-Based Enhanced Handover Scheme with Adaptive Threshold for 5G Heterogeneous Networks
Next Article in Special Issue
Semi-Supervised Alert Filtering for Network Security
Previous Article in Journal
Picture Fuzzy Soft Matrices and Application of Their Distance Measures to Supervised Learning: Picture Fuzzy Soft k-Nearest Neighbor (PFS-kNN)
Previous Article in Special Issue
SPE-ACGAN: A Resampling Approach for Class Imbalance Problem in Network Intrusion Detection Systems
 
 
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
Article

Modeling of Improved Sine Cosine Algorithm with Optimal Deep Learning-Enabled Security Solution

1
Department of Information Systems, College of Computer and Information Sciences, Princess Nourah bint Abdulrahman University, P.O. Box 84428, Riyadh 11671, Saudi Arabia
2
Department of Information Systems, College of Computer Science, King Khalid University, Abha 61471, Saudi Arabia
3
SAUDI ARAMCO Cybersecurity Chair, Computer Science Department, College of Computer Science and Information Technology, Imam Abdulrahman Bin Faisal University, P.O. Box 1982, Dammam 31441, Saudi Arabia
4
Department of Computers and Information Technology, College of Sciences and Arts, Northern Border University, Arar 91431, Saudi Arabia
5
Department of Computer and Self Development, Preparatory Year Deanship, Prince Sattam Bin Abdulaziz University, Al-Kharj 16278, Saudi Arabia
*
Author to whom correspondence should be addressed.
Electronics 2023, 12(19), 4130; https://doi.org/10.3390/electronics12194130
Submission received: 7 August 2023 / Revised: 13 September 2023 / Accepted: 21 September 2023 / Published: 3 October 2023
(This article belongs to the Special Issue Security and Privacy in Networks and Multimedia)

Abstract

:
Artificial intelligence (AI) acts as a vital part of enhancing network security using intrusion detection and anomaly detection. These AI-driven approaches have become essential components of modern cybersecurity strategies. Conventional IDS is based on predefined signatures of known attacks. AI improves signature-based detection by automating the signature generation and reducing false positives through pattern recognition. It can automate threat detection and response, allowing for faster reaction times and reducing the burden on human analysts. With this motivation, this study introduces an Improved Sine Cosine Algorithm with a Deep Learning-Enabled Security Solution (ISCA-DLESS) technique. The presented ISCA-DLESS technique relies on metaheuristic-based feature selection (FS) and a hyperparameter tuning process. In the presented ISCA-DLESS technique, the FS technique using ISCA is applied. For the detection of anomalous activities or intrusions, the multiplicative long short-term memory (MLSTM) approach is used. For improving the anomaly detection rate of the MLSTM approach, the fruitfly optimization (FFO) algorithm can be utilized for the hyperparameter tuning process. The simulation value of the ISCA-DLESS approach was tested on a benchmark NSL-KDD database. The extensive comparative outcomes demonstrate the enhanced solution of the ISCA-DLESS system with other recent systems with a maximum accuracy of 99.69%.

1. Introduction

Recently, cloud computing (CC) has developed as one of the common Internet-based technologies in the information technology (IT) field [1]. There are three levels that compose CC, e.g., the system layer, platform layer, and application layer [2]. Cloud security is considered the main challenge to cloud adoption by most enterprises [3]. The open and entirely dispersed nature of the cloud platform makes it extremely susceptible to vulnerabilities and security attacks [4]. Therefore, intruders have a high potential to carry out threats against cloud-linked devices or the cloud. Alternatively, cloud cyberattacks and services have a negative impact on CC platform performance and QoS requirements [5]. Conventional security regulation, namely, firewalls and antivirus software, could protect cloud infrastructure from complex cyberattacks [6]. By employing machine learning (ML), enterprises can improve their security actions and decrease the risk of data breaches. The possibility of ML to enhance attack detection and response is the major advantage of utilizing it for cloud security. Classical security regulations, namely, antivirus software and firewalls, are responsive and only react to known attacks [7]. Conversely, the ML method can detect patterns in information, which may specify an attack, even when the attack is not yet known. According to previous information, the ML technique is created for identifying designs that point to security vulnerabilities [8].
To overcome these problems and to improve the security of cloud services, providing a deep learning (DL)-based approach will be an adaptable solution [9]. Currently, DL is employed in various organizations due to its excellent prediction power and pattern recognition [10]. As DL utilizes a multi-mode neural network (NN) idea for simulating activities the same as the working model of the brain, it can be promoted and administered in a cloud-based infrastructure [11]. Using DL methods to train massive databases in the cloud platform can perform the overall processes of computing highly efficiently with low latency. Major attacks like trust difficulties, malware identification, data privacy, and network intrusion could be monitored utilizing DL techniques in real time [12]. Different from other standard security enhancers, DL approaches are learned and have intelligent abilities to offer disruptive outcomes in detecting attacks and improving cloud security in the constantly growing competitive world [13].
This study introduces an Improved Sine Cosine Algorithm with a Deep Learning-Enabled Security Solution (ISCA-DLESS) technique for the CC environment. In the presented ISCA-DLESS technique, the selection of features takes place by the ISCA. Additionally, the chosen features are passed into a multiplicative long short-term memory (MLSTM) model for intrusion detection. To improve the anomaly detection rate of the MLSTM approach, the fruitfly optimization (FFO) algorithm can be utilized for the hyperparameter tuning process. The experimental result analysis of the ISCA-DLESS system has been tested on a benchmark database. In short, the key contribution of the paper is summarized as follows.
  • Automated anomaly detection using the ISCA-DLESS technique comprising ISCA-based FS, MLSTM-based detection, and FFO-based hyperparameter tuning for CC is presented. To the best of our knowledge, the ISCA-DLESS technique has never existed in the literature.
  • The ISCA-DLESS employs an ISCA-based FS technique with the integration of the oppositional-based learning (OBL) concept with SCA, which reduces the data dimensionality and enhances the detection performance.
  • Applying MLSTM-based detection, which has the capability of capturing sequential patterns, makes it appropriate to detect anomalies in time-series data.
  • Employing the FFO algorithm for hyperparameter tuning of the MLSTM model efficiently searches for optimal hyperparameter configurations.
The rest of the paper is organized as follows. Section 2 provides the related works, and Section 3 offers the proposed model. Then, Section 4 gives the result analysis, and Section 5 concludes the paper.

2. Related Works

Maheswari et al. [14] developed an intrusion detection system (IDS) for web and CC platforms based on hybrid teacher learning-aided DRNN and cluster-based feature optimization. After feature extraction, the study used a Modified Manta-ray Foraging Optimization (MMFO) to select optimum features to detect further. A hybrid Teacher-Learning Enabled DRNN (TL-DRNN) is developed for the classification of web-cloud intrusion. In [15], an Effective Optimum Security Solution for IDS (EOS-IDS) in a CC platform by using a hybrid DL technique was designed. Pre-processing was performed by the improved heap optimization (IHO) method. Next, the authors offer a chaotic red deer optimizer (CRDO) method for optimal feature selections. Later, a deep Kronecker NN (DKNN) is shown for cloud attack and classification and recognition of intrusion. Toldinas et al. [16] devised an innovative technique for network IDS using multi-phrase DL image detection. The feature network was transformed into four-channel (Red, Green, Blue, and Alpha) images. Then, the images could be utilized for the classification to test and train the pretrained DL mechanism ResNet_50.
Srilatha and Thillaiarasu [17] introduced a Network Intrusion Detection and Prevention Scheme (NIDPS) to prevent and detect a large number of network attacks. The effective IDPS was tested and implemented in a network environment using different ML approaches. In this study, an improved ID3 was developed for identifying abnormalities in network activities and classifying them. The authors in [18] developed an IDSGT-DNN architecture to enhance security in cloud IDSs. The study incorporated defender and attacker systems for attack and normal data processing. In the DNN model, this technique could be implemented with IWA for the recognition of a better solution. Prabhakaran and Kulandasamy [19] suggested a hybrid semantic DL (HSDL) model by incorporating the SVM, LSTM, and CNN frameworks. The semantic data existing in the network traffic were detected utilizing a semantic layer called a Word2Vec embedding layer. The proposed architecture categorized the intrusion existing in the text and its respective attack classes.
Ravi et al. [20] presented a Cauchy GOA with DL for the Cloud-Enabled IDS (CGOA-DLCIDS) method. The proposed approach carried out feature subset selection by CGOA, which improved the recognition speed and decreased the feature subsets. Following this, the method exploited the attention-based LSTM (ALSTM) mechanism for accurate and automatic detection and classification of intrusion. Jisna et al. [21] presented a cloud-based DL LSTM-IDS technique and assessed it to hybrid Stacked Contractive AE (SCAE) along with the SVM-IDS mechanism. DL techniques such as basic ML were constructed to simultaneously perform attack detection and classification.
Alghamdi and Bellaiche [22] introduced an edge-cloud deep IDS technique in the Lambda framework for IoT security to overcome these problems. This approach minimized the time of the training stage by comparing it with standard ML methods and improved the accuracy of true positive-identified attacks. Moreover, the NN-layers’ main DL technique attained higher adaptability and performance compared with the standard ML technique. Alzubi et al. [23] proposed an Effective Seeker Optimization algorithm along with an ML-assisted IDS (ESOML-IDS) approach for the FC and EC platforms. The ESOML-IDS algorithm mainly developed an innovative ESO-based FS technique for optimally selecting feature subsets to detect the existence of intrusions in the FC and EC platforms. Ali and Zolkipli’s study [24] comprised a brief description of the IDS and presented to the reviewer some basic principles of the IDS task in CC, further developing a novel Fast Learning Network method for functions dependent upon intrusion detection.
Despite the availability of several anomaly and intrusion detection models, it remains a challenging problem. Due to the continuous deepening of the model, the number of parameters in DL models also increases quickly, which results in model overfitting. At the same time, different hyperparameters have a significant impact on the efficiency of the CNN model, particularly the learning rate. It is also needed to modify the learning rate parameter to obtain better performance. Therefore, in this study, we employed the FFO technique for the hyperparameter tuning of the MLSTM model.

3. The Proposed Model

In this manuscript, we have presented a novel ISCA-DLESS system for the effectual identification of anomalies and intrusions in the CC environment. The purpose of the ISCA-DLESS technique is to exploit the metaheuristic algorithms for FS and the hyperparameter tuning process. In the proposed ISCA-DLESS system, three main procedures are contained, such as ISCA-based FS, MLSTM-based classification, and FFO-based hyperparameter tuning. Figure 1 depicts the entire flow of the ISCA-DLESS method.

3.1. Stage I: Feature Selection Using ISCA

To elect an optimal set of features, the ISCA was used. SCA is a recent metaheuristic optimization algorithm for resolving global optimization problems [25]. Using SCA, a group of arbitrary populations of candidate performances with standard distribution could be produced to begin the optimizer technique. Then, the locations of candidate performances were upgraded by the following expression:
Y i t + 1 = Y i t + R 1 s i n ( R 2 ) R 3 Z i t Y i t      
Y i t + 1 = Y i t + R 1 c o s ( R 2 ) R 3 Z i t Y i t            
Now, Y i t + 1 and Y i t denote the position of i th solution candidate at the t and t + 1 iterations correspondingly. R 1 ,   R 2 ,   a n d   R 3 show a uniform distribution of random numbers, and Z i t shows the target point’s position at the i th parameter. The operator | | is utilized to define the absolute value:
Y i t + 1 = Y i t + R 1 s i n R 2 R 3 Z i t Y i t ,   R 4 < 0.5 Y i t + 1 = Y i t + R 1 c o s R 2 R 3 Z i t s Y i t ,   R 4 0.5        
where R 4 shows the uniformly distributed random value between 0 and 1 .   R 1 is a randomly generated vector that decides if the solution moves among the search space as well as a better solution. The vector R 2 defines the distance of candidate performances to or in a better solution. The R 3 third parameter describes arbitrary weighted over the better solution to define the micro search R 3 < 1 and macro search R 3 > 1 capabilities of this parameter. Due to this reason, R 3 is highly useful to avoid early convergence. Evolution from cos to sin functions can be assisted by the R 4 random vector. The range of the sin and cos function should be adaptively adjusted to achieve a proper balance between exploitation and exploration, as follows:
R 1 = k I t e r k M a x I t e r                
In Equation (4),   I t e r and M a x I t e r represent the present and maximal iteration, and k is a constant. The notion of the OBL method relies on an opposite number. Consider that p [ x ,   y ] , whereas y R , in which R represents the real number:
p 0 = x + y p              
Also, this description could be stretched to high dimensions. The opposite number p 0 =   p o 1 ,   p o 2 , , p o d for a number p was defined for d -dimensional search space as follows:
p i , o = x i + y i p i                
The concept of OBL was used for improving the micro search capability of the SCA.
Y i , o ( I t e r ) = x i + y i Y ( I t e r )
In the ISCA, the initial population was randomly generated by the uniform distribution, and the fitness of possible solutions was evaluated. Then, the better candidate solution Z was recognized. The OBL method attained a balance among micro as well as macro search capabilities by using the candidate solution. The linear adaptive operator was hybridized with the OBL model. This operator was capable of enhancing the convergence rate by fine-tuning the proper balance among the macro as well as micro search processes. This operator ensured the best exploration and exploitation as the number of generation’s problems of varying complexities. OBL was hybridized with linear adaptive (LA) operators to benchmark the function, as shown below:
y i , 0 I t e r = l a c × x i + y i Z i ( I t e r )      
In Equation (8), y i , 0 indicates the opposite solution candidate for the i th parameter around the better solution  Z i at t h e   I t e r existing iteration. The fitness can be measured after defining the opposite location around a better solution.
The fitness function (FF) of the ISCA is assumed to be the classifier accuracy and FS counts. It minimizes the set dimensional of FSs and maximizes the classifier accuracy. So, the following FF can be employed for measuring separate solutions, as written in Equation (9).
F i t n e s s = α   E r r o r R a t e + 1 α # S F # A l l _ F                        
whereas E r r o r R a t e indicates the classifier rate of errors employing the FSs. E r r o r R a t e is measured as the percentage of improper classifiers to the count of classifications made, stated as a value between zero and one. # S F mentions that the FS counts, and # A l l _ F implies the entire attribute counts from the new database. α is employed for controlling the impact of classifier quality and subset length.

3.2. Stage II: MLSTM-Based Classification

In this work, the MLSTM-based classification process could be employed. Classical ANN is constrained in its capability to obtain the sequential data required to handle sequence data in the input [26]. RNN can be used to extract sequential data in the raw information while making predictions, for example, links among the words from the text. An evaluation of RNN future hidden layer (HL) is given in the following: consider the time stamp vector = 1 , , T , a future HL vector n =   ( n 1 , , n T ) , an input y = y 1 , , y T , and an output x = x 1 ,   x T . Using the following equation, the HL vector is given:
n t = N ( W y n y t + W n n n t 1 + b n ) ,
For x t = W n n n t 1 + b n ,   N shows the activation function of the HL, and   W refers to the weight matrix.
The major problem of classical RNNs is that the backpropagation (BP) stage attenuates the loss function, which makes the number smaller, so it could not grant anything to learning. The gradient disappearing problem takes place once these layers gather a small gradient to enhance its weights and learning factors. The input, forget, and output gates are the gating mechanisms of the LSTM network. The forget gate will forbid or grant information and is estimated as follows:
F t = σ ( W x f x t + W h f h t 1 + W c f C t 1 + b f ) ,
In Equation (11), W x f represents the weighted vector amongst the input and forget gate; x t shows the existing data; and W h f indicates the weighted vectors amongst the forget gate and HL. If the accumulation of the variable is run with the activation function, the gate allows it to pass if the value is in the range of [ 0,1 ]. Otherwise, it removes the data.
Existing and prior outcomes are forwarded to the sigmoidal function that allows updating the cell state memory. At t time, the input vector was defined by the subsequent formula:
i t = σ ( W x i x t + W h i h t 1 + W c i C t 1 + b i ) ,
In Equation (12), W x i denotes the weighted vector of raw information, and W h i shows the weighted vector amongst current values and input gate. The cell layer introduces the existing cell layer, doubles the forgotten variable with the prior cell layer, and drops the variable if doubled by virtual 0 :
C t = F t C t 1 + i t   t a n h ( W x f x t + W h c h t 1 + b c ) ,
The second HL is defined by the output gate. At t h e   t timestamp, the resultant vector can be evaluated as follows:
o t = σ ( W x o x t + W h o h t 1 + W c o C t 1 + b o ) ,
Lastly, the hyperbolic activation function is represented as follows:
h t = o t . t a n h c t ,  
MLSTM is different from the typical LSTM frameworks that establish a gating mechanism named multiplicative connections. It can be planned to improve the learning and representation abilities of LSTM networks. It presents a novel gating mechanism named “update gate”, which is utilized for modulating the cell layer upgrade. The upgrade gate in an MLSTM is determined as the element-by-element product (Hadamard product) among the output of the forget gate as well as the input of the input gate. It implies that the upgrade gate controls several data in the preceding cell layer (determined by the forget gate), and a novel input (determined by the input gate) can be employed for updating the current cell layer. By utilizing element-by-element multiplication, the upgrade gate permits the LSTM to concentrate on particular sizes of the input and selectively upgrade the cell layer that is useful for sequence modelling tasks.

3.3. Stage III: Hyperparameter Tuning Using FFO Algorithm

To enhance the results of the MLSTM approach, the FFO system can be employed. The FFO algorithm is a new nature-inspired optimization approach [27]. Due to its simple computation operation, FFO is easy to apply and comprehend like other metaheuristic approaches. This technique is an SI approach stimulated by the knowledge of the foraging behavioural patterns of FFs. The FF exceeds other species relating to olfaction and vision, which they mainly depend on—FFs can collect miscellaneous aerial smells, notwithstanding the food source being far away. In the scouring stage, the FF scouts and locates food sources near the swarm and evaluates the odour intensity for the food sources. Once the better position with the high odour intensity is identified, the swarm navigates toward it.
Undeniably, the procedure of effectual teamwork and communication between individual FFs is vital to accomplish the strategies of resolving optimization problems. The algorithm has four different stages:
  • Initialization;
  • Osphresis foraging;
  • Population evaluation;
  • Vision.
At first, the parameter is set—the maximal amount of iterations and size of populations. The solution, viz. FFs are randomly initialized as follows:
X i j = r a n d ( U B j L B j ) + L B j ,      
In Equation (16), X i j denotes i th solution, and j th indicates the element’s location at the i th solution. L B indicates a lower boundary, whereas U B shows an upper boundary, and r a n d denotes a uniformly distributed random integer.
Next, the location updating of the solution takes place according to the osphresis foraging stage. The solution is randomly distributed from the existing position as follows:
X i j ( t + 1 ) = X i j ( t ) ± r a n d
In Equation (17), X i j ( t + 1 ) denotes the new location, X i j ( t ) indicates the existing solution, r a n d ( ) [ 1,1 ] , whereas t refers to the iteration count. The smell and distance are calculated following the location update. Next, the calculation of odor intensity—the function of smell (FF)—for every solution follows. When the optimal FF of the solution is superior to the prior best, the novel location of the solution with the better FF values replaces each solution’s position afterwards. Or else, the older solution position will remain. This procedure signifies the vision foraging stage. The process continues until the ending condition is met and produces better outcomes.
Fitness optimal is a key feature of the FFO system. An encoded outcome can be deployed to assess the goodness solution of candidate outcomes. Presently, the accuracy value is the major condition deployed to design an FF.
F i t n e s s = m a x P        
P = T P T P + F P        
In which T P and F P define the true and false positive values.

4. Results and Discussion

The proposed model was simulated using Python 3.6.5 tool (The source code will be made available once the funding project is complete). The proposed model was experimented on PC i5-8600k, GeForce 1050Ti 4 GB, 16 GB RAM, 250 GB SSD, and 1 TB HDD. In this section, the simulation validation of the ISCA-DLESS technique can be tested on the NSL-KDD database (available at https://www.kaggle.com/datasets/hassan06/nslkdd (accessed on 13 July 2023)), containing 125,973 instances with five class labels, as represented in Table 1. The ISCA-DLESS technique selected a total of 29 features from the available 42 features. The confusion matrices of the ISCA-DLESS algorithm on distinct databases are shown in Figure 2. The simulation value implied that the ISCA-DLESS approach accurately recognized various classes proficiently.
In Table 2 and Figure 3, the overall outcome of the ISCA-DLESS system with 80:20 of the TR set/TS set is portrayed. The results suggested that the ISCA-DLESS technique reached enhanced performance in all classes.
With 80% of the TR set, the ISCA-DLESS technique attained average a c c u y , p r e c n , r e c a l , F s c o r e , and MCC values of 99.69%, 89.64%, 90.60%, 89.99%, and 89.80%, respectively. Also, with 20% of the TS set, the ISCA-DLESS methodology accomplished average a c c u y , p r e c n , r e c a l , F s c o r e , and MCC values of 99.67%, 89.97%, 93.14%, 91.41%, and 91.22% correspondingly.
In Table 3 and Figure 4, the overall outcome of the ISCA-DLESS methodology with 70:30 of the TR set/TS set is portrayed. The results suggested that the ISCA-DLESS system attained greater performance under all classes. With 70% of TR set, the ISCA-DLESS approach obtains average a c c u y , p r e c n , r e c a l , F s c o r e , and MCC values of 99.40%, 71.13%, 75.67%, 73.01%, and 72.75% correspondingly. Then, with 30% of TS set, the ISCA-DLESS method gained average a c c u y , p r e c n , r e c a l , F s c o r e , and MCC values of 99.45%, 72.34%, 76.13%, 73.98%, and 73.69%, respectively.
Figure 5 demonstrates the training accuracy T R _ a c c u y and V L _ a c c u y of the ISCA-DLESS system on 80:20 of the TR set/TS set. The T L _ a c c u y was defined by the assessment of the ISCA-DLESS technique on the TR dataset, whereas the V L _ a c c u y was calculated by estimating the performance on a separate testing dataset. The outcomes exhibited that T R _ a c c u y and V L _ a c c u y increased with an upsurge in epochs. As a result, the performance of the ISCA-DLESS system improved on the TR and TS datasets with a rise in the number of epochs.
In Figure 6, the T R _ l o s s and V R _ l o s s   curve of the ISCA-DLESS system on 80:20 of the TR set/TS set is depicted. The T R _ l o s s defines the error among the predictive outcome and original values on the TR data. The V R _ l o s s signifies the measure of the solution of the ISCA-DLESS technique on individual validation data. The results stated that the T R _ l o s s and V R _ l o s s tended to be lesser with rising epochs. It depicted the enhanced performance of the ISCA-DLESS technique and its ability to create an accurate classification. The reduced value of T R _ l o s s and V R _ l o s s established the greater performance of the ISCA-DLESS method in capturing patterns and relationships.
A comprehensive precision–recall (PR) analysis of the ISCA-DLESS system is displayed on 80:20 of the TR set/TS set in Figure 7. The simulation value defined the ISCA-DLESS approach solution in greater PR values. Afterwards, it could be clear that the ISCA-DLESS algorithm attained superior performances of PR in five classes.
In Figure 8, a ROC analysis of the ISCA-DLESS algorithm is defined on 80:20 of the TR set/TS set. The simulation value determined that the ISCA-DLESS approach led to maximal values of ROC. Next, the ISCA-DLESS system achieved greater outcomes in ROC in five classes.
In Table 4, a detailed comparative result of the ISCA-DLESS methodology with recent systems is made [28]. Figure 9 depicts the a c c u y and F s c o r e outcomes of the ISCA-DLESS approach with other approaches. The obtained values inferred that the LKM-OFLS and PCA-NN models reached poor performance. At the same time, the K-means-OFLS, MLP, and FCM-OFLS models reported moderately improved results. Meanwhile, the IMFL-IDSCS technique attained considerable performance. Finally, the ISCA-DLESS technique showcased better performance, with a maximum a c c u y of 99.69% and a n   F s c o r e of 89.99%.
Figure 10 represents the p r e c n and r e c a l analysis of the ISCA-DLESS system with other methods. The simulation values implied that the LKM-OFLS and PCA-NN approaches attained worse outcomes. Then, the K-means-OFLS, MLP, and FCM-OFLS methods reported moderately enhanced performance. In the meantime, the IMFL-IDSCS system attained considerable outcomes. At last, the ISCA-DLESS system demonstrated optimum performance with maximal p r e c n of 89.64% and r e c a l of 90.60%. Therefore, the ISCA-DLESS technique could be utilized for enhanced cloud security.

5. Conclusions

In this study, we derived a novel ISCA-DLESS algorithm for effectual identification of anomalies and intrusions in the CC environment. The ISCA-DLESS technique applied the FS process with a hyperparameter-tuned classification model for anomaly detection. In the proposed ISCA-DLESS system, the three main procedures comprised ISCA-based FS, MLSTM-based classification, and FFO-based hyperparameter tuning. The application of the ISCA-based FS helped in reducing the high dimensionality problem and enhanced the classification performance. Moreover, the use of the FFO algorithm for the hyperparameter tuning of the MLSTM model aided in accomplishing an improved detection rate. The comprehensive analysis demonstrated an enhanced solution in the ISCA-DLESS technique with other recent approaches, with a maximum accuracy of 99.69%. Thus, the ISCA-DLESS technique could be applied for automated anomaly detection in the CC environment. In future, the proposed model could be extended to address cloud-specific threats, such as misconfigurations, data exposure, and supply chain attacks, in the context of anomaly detection. In addition, the proposed model could operate seamlessly across multiple cloud providers and hybrid cloud environments. This includes ensuring interoperability and consistent threat monitoring.

Author Contributions

Conceptualization, L.A.; Methodology, L.A., M.M. and S.S.A.; Software, A.A.A.; Validation, M.M., R.A. and A.A.A.; Investigation, L.A.; Data curation, S.S.A.; Writing—original draft, L.A., M.M., S.S.A. and R.A.; Writing—review & editing, M.M., S.S.A., R.A. and A.A.A.; Visualization, A.A.A.; Project administration, R.A.; Funding acquisition, L.A. All authors have read and agreed to the published version of the manuscript.

Funding

The authors extend their appreciation to the Deanship of Scientific Research at King Khalid University for funding this work through large group Research Project under grant number (RGP2/235/44). This research was funded by Princess Nourah bint Abdulrahman University Researchers Supporting Project number (PNURSP2023R349), Princess Nourah bint Abdulrahman University, Riyadh, Saudi Arabia. The authors extend their appreciation to the Deanship of Scientific Research at Northern Border University, Arar, KSA for funding this research work through the project number “NBU-FFR-2023-0114. We Would like to thank SAUDI ARAMCO Cybersecurity Chair for funding this project. This study is supported via funding from Prince Sattam bin Abdulaziz University project number (PSAU/2023/R/1444).

Data Availability Statement

Data sharing does not apply to this article, as no datasets were generated during the current study.

Conflicts of Interest

The authors declare no conflict of interest.

References

  1. Jain, D.K.; Ding, W.; Kotecha, K. Training a fuzzy deep neural network with honey badger algorithm for intrusion detection in the cloud environment. Int. J. Mach. Learn. Cybern. 2023, 14, 2221–2237. [Google Scholar] [CrossRef]
  2. Sathiyadhas, S.S.; Soosai Antony, M.C.V. A network intrusion detection system in a cloud computing environment using dragonfly improved invasive weed optimization integrated Shepard convolutional neural network. Int. J. Adapt. Control Signal Process. 2022, 36, 1060–1076. [Google Scholar] [CrossRef]
  3. Yi, L.; Yin, M.; Darbandi, M. A deep and systematic review of the intrusion detection systems in the fog environment. Trans. Emerg. Telecommun. Technol. 2023, 34, e4632. [Google Scholar] [CrossRef]
  4. Goyal, S.B.; Bedi, P.; Kumar, S.; Kumar, J.; Karahroudi, N.R. Application of Deep Learning in Honeypot Network for Cloud Intrusion Detection. In Proceedings of the International Conference on Computational Intelligence and Data Engineering: ICCIDE 2021; Springer: Singapore, 2022; pp. 251–266. [Google Scholar]
  5. Asaolu, O.S. Leveraging Deep Learning-Enabled Intrusion Detection Systems for a Cloud Environment. Ph.D. Thesis, Morgan State University, Baltimore, MD, USA, 2023. [Google Scholar]
  6. Cheikhrouhou, O.; Mahmud, R.; Zouari, R.; Ibrahim, M.; Zaguia, A.; Gia, T.N. One-dimensional CNN approach for ECG arrhythmia analysis in fog-cloud environments. IEEE Access 2021, 9, 103513–103523. [Google Scholar] [CrossRef]
  7. Hussain, M.; Cifci, M.A.; Sehar, T.; Nabi, S.; Cheikhrouhou, O.; Maqsood, H.; Ibrahim, M.; Mohammad, F. Machine learning-based efficient prediction of positive cases of waterborne diseases. BMC Med. Inform. Decis. Mak. 2023, 23, 11. [Google Scholar] [CrossRef] [PubMed]
  8. Mubeen, A.; Ibrahim, M.; Bibi, N.; Baz, M.; Hamam, H.; Cheikhrouhou, O. Alts: An adaptive load-balanced task scheduling approach for cloud computing. Processes 2021, 9, 1514. [Google Scholar] [CrossRef]
  9. Salvakkam, D.B.; Saravanan, V.; Jain, P.K.; Pamula, R. Enhanced Quantum-Secure Ensemble Intrusion Detection Techniques for Cloud Based on Deep Learning. Cogn. Comput. 2023, 15, 1593–1612. [Google Scholar] [CrossRef]
  10. Chakravarthi, S.S.; Kannan, R.J.; Natarajan, V.A.; Gao, X.Z. Deep Learning Based Intrusion Detection in Cloud Services for Resilience Management. Comput. Mater. Contin. 2022, 71, 3. [Google Scholar]
  11. Priya, S.; Ponmagal, R.S. Network Intrusion Detection System Based Security System for Cloud Services Using Novel Recurrent Neural Network-Autoencoder (NRNN-AE) and Genetic. Adv. Sci. Technol. 2023, 124, 729–737. [Google Scholar]
  12. Jyothsna, V.; Manisha, C.; NanduSri, B.S. Intrusion Detection System for Detection of DDoS Attacks in Cloud Environment. Res. Sq. 2023. preprint. [Google Scholar] [CrossRef]
  13. Basahel, A.M.; Yamin, M.; Basahel, S.M.; Lydia, E.L. Enhanced Coyote Optimization with Deep Learning Based Cloud-Intrusion Detection System. Comput. Mater. Contin. 2023, 74, 4319–4336. [Google Scholar] [CrossRef]
  14. Maheswari, K.G.; Siva, C.; Nalinipriya, G. Optimal cluster-based feature selection for intrusion detection systems in web and cloud computing environments using hybrid teacher learning optimization enables deep recurrent neural networks. Comput. Commun. 2023, 202, 145–153. [Google Scholar] [CrossRef]
  15. Mayuranathan, M.; Saravanan, S.K.; Muthusenthil, B.; Samydurai, A. An efficient optimal security system for intrusion detection in a cloud computing environment using hybrid deep learning technique. Adv. Eng. Softw. 2022, 173, 103236. [Google Scholar] [CrossRef]
  16. Toldinas, J.; Venčkauskas, A.; Damaševičius, R.; Grigaliūnas, Š.; Morkevičius, N.; Baranauskas, E. A novel approach for network intrusion detection using multistage deep learning image recognition. Electronics 2021, 10, 1854. [Google Scholar] [CrossRef]
  17. Srilatha, D.; Thillaiarasu, N. Implementation of Intrusion detection and prevention with Deep Learning in Cloud Computing. J. Inf. Technol. Manag. 2023, 15, 1–18. [Google Scholar]
  18. Balamurugan, E.; Mehbodniya, A.; Kariri, E.; Yadav, K.; Kumar, A.; Haq, M.A. Network optimization using defender system in cloud computing security-based intrusion detection system with game theory deep neural network (IDSGT-DNN). Pattern Recognit. Lett. 2022, 156, 142–151. [Google Scholar] [CrossRef]
  19. Prabhakaran, V.; Kulandasamy, A. Hybrid semantic deep learning architecture and optimal advanced encryption standard key management scheme for secure cloud storage and intrusion detection. Neural Comput. Appl. 2021, 33, 14459–14479. [Google Scholar] [CrossRef]
  20. Ravi, C.N.; Karthik, T.S.; Manikandan, K.; Kalaivaani, P.; Chopkar, P.N.; Srivastava, A. Cauchy Grasshopper Optimization Algorithm with Deep Learning Model for Cloud-Enabled Cyber Threat Detection System. In Proceedings of the 2023 7th International Conference on Intelligent Computing and Control Systems (ICICCS), Madurai, India, 17–19 May 2023; pp. 202–208. [Google Scholar]
  21. Jisna, P.; Jarin, T.; Praveen, P.N. Advanced intrusion detection using deep learning-LSTM network on cloud environment. In Proceedings of the 2021 Fourth International Conference on Microelectronics, Signals & Systems (ICMSS), Kollam, India, 18–19 November 2021; pp. 1–6. [Google Scholar]
  22. Alghamdi, R.; Bellaiche, M. A deep intrusion detection system in lambda architecture based on edge cloud computing for IoT. In Proceedings of the 2021 4th International Conference on Artificial Intelligence and Big Data (ICAIBD), Chengdu, China, 28–31 May 2021; pp. 561–566. [Google Scholar]
  23. Alzubi, O.A.; Alzubi, J.A.; Alazab, M.; Alrabea, A.; Awajan, A.; Qiqieh, I. Optimized machine learning-based intrusion detection system for fog and edge computing environment. Electronics 2022, 11, 3007. [Google Scholar] [CrossRef]
  24. Ali, M.H.; Zolkipli, M.F. Intrusion-detection system based on fast learning network in cloud computing. Adv. Sci. Lett. 2018, 24, 7360–7363. [Google Scholar] [CrossRef]
  25. Sharma, P.; Dinkar, S.K. A linearly adaptive Sine–cosine algorithm with application in a deep neural network for feature optimization in arrhythmia classification using ECG signals. Knowl.-Based Syst. 2022, 242, 108411. [Google Scholar] [CrossRef]
  26. Anbarasi, A.; Ravi, T.; Manjula, V.S.; Brindha, J.; Saranya, S.; Ramkumar, G.; Rathi, R. A modified deep learning framework for arrhythmia disease analysis in medical imaging using electrocardiogram signal. BioMed Res. Int. 2022, 2022, 5203401. [Google Scholar] [CrossRef]
  27. Bacanin, N.; Budimirovic, N.; K, V.; Strumberger, I.; Alrasheedi, A.F.; Abouhawwash, M. Novel chaotic oppositional fruit fly optimization algorithm for feature selection applied on COVID-19 patients’ health prediction. PLoS ONE 2022, 17, e0275727. [Google Scholar] [CrossRef] [PubMed]
  28. Alohali, M.A.; Elsadig, M.; Al-Wesabi, F.N.; Al Duhayyim, M.; Mustafa Hilal, A.; Motwakel, A. Enhanced Chimp Optimization-Based Feature Selection with Fuzzy Logic-Based Intrusion Detection System in Cloud Environment. Appl. Sci. 2023, 13, 2580. [Google Scholar] [CrossRef]
Figure 1. Overall flow of ISCA-DLESS system.
Figure 1. Overall flow of ISCA-DLESS system.
Electronics 12 04130 g001
Figure 2. Confusion matrices of (a,b) 80:20 of TR set/TS set and (c,d) 70:30 of TR set/TS set.
Figure 2. Confusion matrices of (a,b) 80:20 of TR set/TS set and (c,d) 70:30 of TR set/TS set.
Electronics 12 04130 g002
Figure 3. Average of ISCA-DLESS algorithm on 80:20 of TR set/TS set.
Figure 3. Average of ISCA-DLESS algorithm on 80:20 of TR set/TS set.
Electronics 12 04130 g003
Figure 4. Average of ISCA-DLESS algorithm on 70:30 of TR set/TS set.
Figure 4. Average of ISCA-DLESS algorithm on 70:30 of TR set/TS set.
Electronics 12 04130 g004
Figure 5. A c c u y curve of ISCA-DLESS algorithm on 80:20 of TR set/TS set.
Figure 5. A c c u y curve of ISCA-DLESS algorithm on 80:20 of TR set/TS set.
Electronics 12 04130 g005
Figure 6. Loss curve of ISCA-DLESS algorithm on 80:20 of TR set/TS set.
Figure 6. Loss curve of ISCA-DLESS algorithm on 80:20 of TR set/TS set.
Electronics 12 04130 g006
Figure 7. PR curve of ISCA-DLESS algorithm on 80:20 of TR set/TS set.
Figure 7. PR curve of ISCA-DLESS algorithm on 80:20 of TR set/TS set.
Electronics 12 04130 g007
Figure 8. ROC of ISCA-DLESS algorithm on 80:20 of TR set/TS set.
Figure 8. ROC of ISCA-DLESS algorithm on 80:20 of TR set/TS set.
Electronics 12 04130 g008
Figure 9. A c c u y and F s c o r e outcome of ISCA-DLESS approach with recent systems [28].
Figure 9. A c c u y and F s c o r e outcome of ISCA-DLESS approach with recent systems [28].
Electronics 12 04130 g009
Figure 10. P r e c n and r e c a l outcome of ISCA-DLESS approach with recent systems [28].
Figure 10. P r e c n and r e c a l outcome of ISCA-DLESS approach with recent systems [28].
Electronics 12 04130 g010
Table 1. Description of database.
Table 1. Description of database.
ClassNo. of Instances
Dos45,927
R2l995
Probe11,656
U2r52
Normal67,343
Total No. of instances 125,973
Table 2. Classifier outcome of ISCA-DLESS algorithm on 80:20 of TR set/TS set.
Table 2. Classifier outcome of ISCA-DLESS algorithm on 80:20 of TR set/TS set.
Class A c c u y P r e c n R e c a l F S c o r e MCC
TR set (80%)
Dos99.5599.5199.2599.3899.03
R2l99.7981.9093.7687.4387.52
Probe99.7497.9699.2898.6198.47
U2r99.9769.2361.3665.0665.16
Normal99.4299.5899.3399.4598.83
Average99.6989.6490.6089.9989.80
TS set (20%)
Dos99.5299.4799.2099.3498.96
R2l99.7477.6893.3084.7885.01
Probe99.7298.1398.8598.4998.34
U2r99.9875.0075.0075.0074.99
Normal99.4199.5699.3399.4598.81
Average99.6789.9793.1491.4191.22
Table 3. Classifier outcome of ISCA-DLESS algorithm on 70:30 of TR set/TS set.
Table 3. Classifier outcome of ISCA-DLESS algorithm on 70:30 of TR set/TS set.
Class A c c u y P r e c n R e c a l F S c o r e MCC
TR set (70%)
Dos99.2498.9398.9998.9698.36
R2l99.4560.7584.4770.6771.38
Probe99.3296.6595.9996.3295.95
U2r99.9600.0000.0000.0000.00
Normal99.0399.3098.8999.1098.06
Average99.4071.1375.6773.0172.75
TS set (30%)
Dos99.2998.9599.0999.0298.46
R2l99.5466.5086.2775.1175.52
Probe99.3896.9396.2996.6196.27
U2r99.9600.0000.0000.0000.00
Normal99.1099.3398.9799.1598.18
Average99.4572.3476.1373.9873.69
Table 4. Comparative outcome of ISCA-DLESS system with recent techniques [28].
Table 4. Comparative outcome of ISCA-DLESS system with recent techniques [28].
Methods A c c u y P r e c n R e c a l F S c o r e
ISCA-DLESS99.6989.6490.6089.99
IMFL-IDSCS99.4486.1578.3681.92
LKM-OFLS 89.4784.7674.8078.38
K-means-OFLS 91.5585.8775.6378.46
MLP Algorithm91.5986.7276.8975.13
PCA-NN90.2284.6876.1977.68
FCM-OFLS93.5082.8574.5475.80
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.

Share and Cite

MDPI and ACS Style

Almuqren, L.; Maray, M.; Aljameel, S.S.; Allafi, R.; Alneil, A.A. Modeling of Improved Sine Cosine Algorithm with Optimal Deep Learning-Enabled Security Solution. Electronics 2023, 12, 4130. https://doi.org/10.3390/electronics12194130

AMA Style

Almuqren L, Maray M, Aljameel SS, Allafi R, Alneil AA. Modeling of Improved Sine Cosine Algorithm with Optimal Deep Learning-Enabled Security Solution. Electronics. 2023; 12(19):4130. https://doi.org/10.3390/electronics12194130

Chicago/Turabian Style

Almuqren, Latifah, Mohammed Maray, Sumayh S. Aljameel, Randa Allafi, and Amani A. Alneil. 2023. "Modeling of Improved Sine Cosine Algorithm with Optimal Deep Learning-Enabled Security Solution" Electronics 12, no. 19: 4130. https://doi.org/10.3390/electronics12194130

APA Style

Almuqren, L., Maray, M., Aljameel, S. S., Allafi, R., & Alneil, A. A. (2023). Modeling of Improved Sine Cosine Algorithm with Optimal Deep Learning-Enabled Security Solution. Electronics, 12(19), 4130. https://doi.org/10.3390/electronics12194130

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop