| Reference | Technique used | Dataset used | Description | Outcomes |
| --- | --- | --- | --- | --- |
| Hao et al. [36] | The hybrid form of k-means + PSO | KDDCUP99 | The proposed model can be used to detect whether the crowd (undetermined session) is normal or an attack. | The proposed model can detect attacks with better performance. |
| Momanyi Nyabuga et al. [37] | Particle swarm optimization | KDDCUP99 | The work provides a review and discussion of denial-of-service attack detection and prevention mechanisms; moreover, it is intended to propose that the particle swarm algorithm optimally helps to detect DoS attacks. | The simulated outcomes showed that the proposed PSO-based model was used efficiently for attack detection compared with other methods. |
| Shinde and Parvat [26] | The hybrid form of PSO + SVM | NSL-KDD | The attack detection model was designed using a hybrid form of SVM with the PSO technique for the selection of optimal features, to achieve high accuracy and performance and a lower false alarm rate (FAR) than a normal IDS. | The hybrid approach of machine learning and an optimization technique (ABC-SVM) provides better results than the single approaches. The results showed a detection rate of 98.53% and a false alarm rate of 0.0374. |
| Siva Sankari et al. [39] | Genetic algorithms | KDDCUP99 | The proposed model uses a genetic algorithm (GA) for the detection of DoS attacks. | This approach detected attacks better but did not prove very efficient when its performance was compared with that of the hybrid-technique model. However, it provides better results than the traditional one. |
| Mizukoshi and Munetomo [40] | Genetic algorithms | KDDCUP99 | The proposed model is based on real-time traffic pattern analysis using a genetic algorithm (GA) approach for optimal pattern extraction. | The experimental results showed that the proposed method performed well compared with other traditional methods. |
| Lee et al. [41] | Genetic algorithms | DARPA 2000, LBL-PKT-4 | The proposed model is designed to detect distributed denial-of-service attacks using a traffic matrix, and it optimizes some features of the traffic matrix using a GA. | The detection rate and accuracy of this method were better than those of other traditional techniques. |
| Dimitris et al. [43] | Genetic algorithms | KDDCUP99 | The proposed work is designed for the detection of DDoS attacks using a genetic algorithm for efficient feature selection and for optimizing some parameters. The genetic algorithm (GA) evaluation used a designed error-free neural network detector. | The evaluated results showed that the features that best qualify for DDoS attack detection were optimally selected by the proposed approach, which provides better results. |
| Chen et al. [51] | Ant colony optimization | DARPA/LLDOS, KDDCUP99 | The proposed work investigated different complexities of the DDIACS framework and also presents a comparison with the swarm technique and other probability-based techniques. | The results showed that the proposed framework successfully resolved the problems related to processing attributes, and that the DDIACS framework provides higher performance than existing methods. |
| Kumar and Walia [52] | Ant colony optimization | KDDCUP99 | The objective of this work was to design and implement OSLR and DSR protocols for the blackhole attack and also to protect the system from the threat. | After evaluation, the results showed that the proposed approach performed well on various network performance metrics such as bit error rate, throughput, delay, and packet delivery ratio. |
| Rais and Mehmood [53] | Ant colony optimization | KDDCUP99 | The proposed model used the ACO optimization technique for better feature selection through various stages of pheromones that help ants find the optimal features. | Evaluation of the results shows that the proposed approach outperformed the traditional techniques in optimal feature selection. |
| Bhuyan et al. [42] | Artificial bee colony | KDDCUP99 | The proposed method applies the ABC algorithm. Anomaly-based attack detection is performed using different feature selection techniques to minimize the number of unwanted features and pick the best ones. | Experimental results showed that the ABC algorithm performed better than traditional approaches and also achieved a high accuracy rate. |