K-means and meta-heuristic algorithms for intrusion detection systems.

In this research paper, we propose a two-stage hybrid approach that uses machine learning techniques and meta-heuristic algorithms. The first step, known as data preparation, involves converting string values to numeric format and subsequently normalizing the data. To increase the performance beyond the limitations of traditional methods, we use population-based meta-heuristic algorithms, namely Atom Search Optimization (ASO) and Equilibrium Optimization (EO), for feature selection, aiming to achieve global optimization. The second step, called attack detection, focuses on distinguishing normal traffic from malicious traffic. To improve the performance of this step, we use K-means clustering and firefly algorithm (FA). In addition, an elitism method is randomly integrated. The resulting approach is called ASO-EO-FA-K-means. We evaluate the performance of our proposed method using two datasets, namely NSL-KDD, UNSW_NB15, and KDD_CUP99. To establish a benchmark, we compare our method with other approaches including Particles Swarm Optimization (PSO), Genetic, Grey Wolf Optimization (GWO), Ant colony optimization (ACO), Harris Hawk Optimization (HHO), NSGA-2, Multi-objective PSO, Multi-objective GWO, learning vector quantization (LVQ), XGBoost, particle swarm optimization based on C4.5 (PSO-C4.5) and genetic algorithm based on multilayer perceptron (GA-MLP)) we compare. The evaluation results show that the proposed method achieves the highest accuracy and the lowest error rate in three datasets NSL-KDD and UNSW_NB15 KDD-CUP99 with accuracy values of 0.998, 0.995 and 0.995, respectively. In addition, our method shows superior efficiency in terms of computation time. In general, our research shows the effectiveness of the ASO-EO-FA-K-means method in intrusion detection and provides better accuracy and efficiency compared to alternative approaches. In all three data sets, the results have shown that NSL-KDD data set with MSE 0.012, accuracy value 0.998 has obtained better results than other data sets. [ABSTRACT FROM AUTHOR]