Alexandria Engineering Journal (Nov 2024)

Class imbalanced data handling with cyberattack classification using Hybrid Salp Swarm Algorithm with deep learning approach

  • Bayan Alabduallah,
  • Mohammed Maray,
  • Nuha Alruwais,
  • Rana Alabdan,
  • Abdulbasit A. Darem,
  • Fouad Shoie Alallah,
  • Raed Alsini,
  • Ayman Yafoz

Journal volume & issue
Vol. 106
pp. 654 – 663

Abstract

Read online

Cyberattack classification involves applying deep learning (DL) and machine learning (ML) models to categorize digital threats based on their features and behaviors. These models examine system logs, network traffic, or other associated data patterns to discriminate between standard activities and malicious actions. Efficient cyberattack classification is vital for on-time threat detection and response, permitting cybersecurity specialists to categorize and reduce potential risks to a system. Handling class-imbalanced data in cyberattack classification using DL is critical for achieving exact and robust models. In cybersecurity databases, instances of normal behavior frequently significantly outnumber instances of cyberattacks, foremost due to biased methods that may complete poorly on minority classes. To address this issue approaches such as oversampling the lesser class, undersampling the popular class, or using more advanced systems can be used. These plans defend that the DL technique is more complex when determining cyberattacks, so it increases complete performance and adapts the effect of the imbalance class on the classification results. This study presents a novel Hybrid Salp Swarm Algorithm with a DL Approach for Cyberattack Classification (HSSADL-CAC) technique. The HSSADL-CAC method intends to resolve class imbalance data handling with an optimum DL model for the recognition of cyberattacks. At first, the HSSADL-CAC method experiences data normalization as a pre-processing stage. The HSSADL-CAC technique uses the ADASYN approach to handle class imbalance problems. In addition, the HSSADL-CAC technique applies an HSSA-based feature selection approach. The HSSADL-CAC technique detects cyberattacks using a deep extreme learning machine (DELM) model. Finally, the hyperparameter tuning of the ELM model takes place by utilizing the beluga whale optimization (BWO) model. The performance analysis of the HSSADL-CAC technique employs a benchmark database. The comprehensive comparison research indicates the superior performance of the HSSADL-CAC technique in the cyberattack detection procedure.

Keywords