Improving intrusion detection systems using AdaBoost algorithm and Harris Hawk optimization
With the increasing spread of attacks on computer networks, the use of intrusion detection systems is inevitable. The purpose of an intrusion detection system is to monitor abnormal activities and to distinguish between normal and abnormal behavior (intrusion) in a host system or in a network. One of the main problems of intrusion detection systems is the high volume of alarms, which makes it practically impossible to deal with them. An effective intrusion detection system is one that can detect a wide range of attacks while reducing the number of false alarms. In this paper, a new feature-based intrusion detection approach is proposed in which the AdaBoost algorithm is combined with the Harris Hawks optimization algorithm and optimized parameters. Studies show that the proposed method detects malicious samples in computer networks with an average accuracy of 99.86% on the CICIDS2017 dataset and 99.88% on the NSL_KDD dataset; a comparison of the findings with similar works also indicates that the proposed method is more accurate in distinguishing intrusive samples from normal ones.
-
Analysis of Network Crimes with Data Mining
e *, Reza Sadeghi Rashid, Abozar Sadeghi, Fatemeh Shateri
Journal of Police Protectoral and Security Studies,