Advancing Network Security: Integrating Salp Swarm Optimization with LSTM for Intrusion Detection
Downloads
Over time, intrusion detection systems have grown essential in ensuring network security by identifying malicious activities within network traffic and alerting security teams. Machine learning techniques have been employed to develop these systems. However, these approaches often face challenges related to low accuracy and high false alarm rates. Deep learning models like Long Short-Term Memory (LSTM) are utilized to address these limitations. Despite their potential, LSTM models require numerous iterations to achieve optimal performance. This study introduces an enhanced version of the LSTM algorithm, termed ILSTM, which integrates the Salp Swarm Optimizer (SSO) to boost accuracy. The ILSTM framework was applied to construct an advanced intrusion detection system capable of binary and multi-class classifications. The approach comprises two phases: The first involves training a standard LSTM model to initialize its weights. In contrast, the second employs the SSO hybrid optimization algorithm to fine-tune these weights, enhancing overall performance. The effectiveness of the ILSTM algorithm and the intrusion detection system was assessed using two publicly available datasets, NSL-KDD and LITNET-2020, across nine performance metrics. Results demonstrated that the ILSTM significantly outperformed the conventional LSTM and other comparable deep learning models in accuracy and precision. Specifically, the ILSTM achieved an accuracy of 93.09% and a precision of 96.86%, compared to 82.74% accuracy and 76.49% precision for the standard LSTM. Moreover, the ILSTM exhibited superior performance on both datasets and was statistically validated to be more robust than LSTM. Furthermore, the ILSTM excelled in multiclass intrusion classification tasks, effectively identifying intrusion types.
Downloads
[1] Bahaa, A., Abdelaziz, A., Sayed, A., Elfangary, L., & Fahmy, H. (2021). Monitoring real time security attacks for IoT systems using devsecops: A systematic literature review. Information (Switzerland), 12(4), 154. doi:10.3390/info12040154.
[2] Ma, Y., Gelenbe, E., & Liu, K. (2024). Impact of IoT System Imperfections and Passenger Errors on Cruise Ship Evacuation Delay. Sensors, 24(6), 1850. doi:10.3390/s24061850.
[3] Jahid, A., & Hossain, M. S. (2017). Energy-cost aware hybrid power system for off-grid base stations under green cellular networks. 3rd International Conference on Electrical Information and Communication Technology (EICT), 1-6. doi:10.1109/EICT.2017.8275226.
[4] Gelenbe, E., Gül, B. C., & Nakıp, M. (2024). DISFIDA: Distributed Self-Supervised Federated Intrusion Detection Algorithm with online learning for health Internet of Things and Internet of Vehicles. Internet of Things (Netherlands), 28. doi:10.1016/j.iot.2024.101340.
[5] Ma, Y., Gelenbe, E., & Liu, K. (2024). IoT Performance for Maritime Passenger Evacuation. IEEE 10th World Forum on Internet of Things, WF-IoT 2024, 1–6. doi:10.1109/WF-IoT62078.2024.10811235.
[6] Gamage, S., & Samarabandu, J. (2020). Deep learning methods in network intrusion detection: A survey and an objective comparison. Journal of Network and Computer Applications, 169(May), 102767. doi:10.1016/j.jnca.2020.102767.
[7] Bergquist, J., Gelenbe, E., & Sigman, K. (2024). On an Adaptive-Quasi-Deterministic Transmission Policy Queueing Model. Proceedings - IEEE Computer Society’s Annual International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunications Systems, MASCOTS, 1–7. doi:10.1109/MASCOTS64422.2024.10786509.
[8] Ju, C., Jiang, X., Wu, J., & Ni, C. (2024). AI-driven vulnerability assessment and early warning mechanism for semiconductor supply chain resilience. Annals of Applied Sciences, 5(1), 1-19.
[9] Kuaban, G. S., Czachórski, T., Gelenbe, E., Pecka, P., Nkemeni, V., & Czekalski, P. (2024). Energy performance of Internet of Things (IoT) networks for pipeline monitoring. 20th International Wireless Communications and Mobile Computing Conference, IWCMC 2024, 1490–1497. doi:10.1109/IWCMC61514.2024.10592530.
[10] Nakip, M., & Gelenbe, E. (2024). Online Self-Supervised Deep Learning for Intrusion Detection Systems. IEEE Transactions on Information Forensics and Security, 19, 5668–5683. doi:10.1109/TIFS.2024.3402148.
[11] Deore, B., & Bhosale, S. (2022). Intrusion Detection System Based on RNN Classifier for Feature Reduction. SN Computer Science, 3(2), 1–9. doi:10.1007/s42979-021-00991-0.
[12] Gelenbe, E., Nakip, M., & Siavvas, M. (2025). System Wide Vulnerability and Trust in Multi-Component Communication System Software. IEEE Network, 39(2), 108–114. doi:10.1109/MNET.2024.3452962.
[13] Imrana, Y., Xiang, Y., Ali, L., & Abdul-Rauf, Z. (2021). A bidirectional LSTM deep learning approach for intrusion detection. Expert Systems with Applications, 185, 115524. doi:10.1016/j.eswa.2021.115524.
[14] Yin, C., Zhu, Y., Fei, J., & He, X. (2017). A Deep Learning Approach for Intrusion Detection Using Recurrent Neural Networks. IEEE Access, 5, 21954–21961. doi:10.1109/ACCESS.2017.2762418.
[15] Dash, N., Chakravarty, S., Rath, A. K., Giri, N. C., AboRas, K. M., & Gowtham, N. (2025). An optimized LSTM-based deep learning model for anomaly network intrusion detection. Scientific Reports, 15(1), 1–17. doi:10.1038/s41598-025-85248-z.
[16] Diro, A., & Chilamkurti, N. (2018). Leveraging LSTM Networks for Attack Detection in Fog-to-Things Communications. IEEE Communications Magazine, 56(9), 124–130. doi:10.1109/MCOM.2018.1701270.
[17] Zhang, H., Qin, X., Gao, X., Zhang, S., Tian, Y., & Zhang, W. (2024). Modified salp swarm algorithm based on competition mechanism and variable shifted windows for feature selection. Soft Computing, 28(19), 11147–11161. doi:10.1007/s00500-024-09876-9.
[18] Barhoush, M., Abed-alguni, B. H., & Al-qudah, N. E. A. (2023). Improved discrete salp swarm algorithm using exploration and exploitation techniques for feature selection in intrusion detection systems. Journal of Supercomputing, 79(18), 21265–21309. doi:10.1007/s11227-023-05444-4.
[19] Khalaf, O. I., Anand, D., Abdulsahib, G. M., & Chandra, G. R. (2024). A coherent salp swarm optimization based deep reinforced neuralnet work algorithm for securing the mobile cloud systems. Journal of Autonomous Intelligence, 7(3). doi:10.32629/jai.v7i3.654.
[20] Althobaiti, M. M., & Escorcia-Gutierrez, J. (2024). Weighted salp swarm algorithm with deep learning-powered cyber-threat detection for robust network security. AIMS Mathematics, 9(7), 17676–17695. doi:10.3934/math.2024859.
[21] Gelenbe, E., & Nasereddin, M. (2025). Adaptive Attack Mitigation for IoV Flood Attacks. IEEE Internet of Things Journal, 12(5), 4701–4714. doi:10.1109/JIOT.2025.3529615.
[22] Laghrissi, F. E., Douzi, S., Douzi, K., & Hssina, B. (2021). Intrusion detection systems using long short-term memory (LSTM). Journal of Big Data, 8(1), 65. doi:10.1186/s40537-021-00448-4.
[23] Silambarasan, E., Suryawanshi, R., & Reshma, S. (2024). Enhanced cloud security: a novel intrusion detection system using ARSO algorithm and Bi-LSTM classifier. International Journal of Information Technology, 16(6), 3837-3845. doi:10.1007/s41870-024-01887-x.
[24] Green, A., White, P., Brown, K., Black, R., & Silver, H. A Comparative Study of Transformer and LSTM Encoder-Decoder Models for Network Intrusion Detection. 2025 IEEE International Conference on Artificial Intelligence and Security (ICAS, 10–18. doi:10.1109/ICAS.2025.123456.
[25] Chelloug, S. A. (2024). A Robust Approach for Multi Classification-Based Intrusion Detection through Stacking Deep Learning Models. Computers, Materials and Continua, 79(3), 4845–4861. doi:10.32604/cmc.2024.051539.
[26] Wu, M., & Kondo, M. (2024). A High-Throughput Network Intrusion Detection System Using On-Device Learning on FPGA. Proceedings - 2024 IEEE 17th International Symposium on Embedded Multicore/Many-Core Systems-on-Chip, MCSoC 2024, 426–433. doi:10.1109/MCSoC64144.2024.00076.
[27] Ghadermazi, J., Shah, A., & Bastian, N. D. (2025). Towards Real-Time Network Intrusion Detection with Image-Based Sequential Packets Representation. IEEE Transactions on Big Data, 11(1), 157–173. doi:10.1109/TBDATA.2024.3403394.
[28] Abdelaziz, A., Santos, V., Dias, M. S., & Mahmoud, A. N. (2024). A hybrid model of self-organizing map and deep learning with genetic algorithm for managing energy consumption in public buildings. Journal of Cleaner Production, 434, 140040. doi:10.1016/j.jclepro.2023.140040.
[29] Alsaleh, A., & Binsaeedan, W. (2021). The influence of salp swarm algorithm-based feature selection on network anomaly intrusion detection. IEEE Access, 9, 112466–112477. doi:10.1109/ACCESS.2021.3102095.
[30] Thankappan, M., Narayanan, N., Sanaj, M. S., Manoj, A., Menon, A. P., & Gokul Krishna, M. (2024). Machine Learning and Deep Learning Architectures for Intrusion Detection System (IDS): A Survey. 1st International Conference on Trends in Engineering Systems and Technologies, ICTEST 2024, 1–6. doi:10.1109/ICTEST60614.2024.10576052.
[31] Dora, V. R. S., & Lakshmi, V. N. (2022). Optimal feature selection with CNN-feature learning for DDoS attack detection using meta-heuristic-based LSTM. International Journal of Intelligent Robotics and Applications, 6(2), 323–349. doi:10.1007/s41315-022-00224-4.
[32] Jothi, B., & Pushpalatha, M. (2023). WILS-TRS — a novel optimized deep learning based intrusion detection framework for IoT networks. Personal and Ubiquitous Computing, 27(3), 1285–1301. doi:10.1007/s00779-021-01578-5.
[33] Rashid, T. A., Fattah, P., & Awla, D. K. (2018). Using accuracy measure for improving the training of LSTM with metaheuristic algorithms. Procedia Computer Science, 140, 324–333. doi:10.1016/j.procs.2018.10.307.
[34] Jihado, A. A., & Girsang, A. S. (2024). Hybrid Deep Learning Network Intrusion Detection System Based on Convolutional Neural Network and Bidirectional Long Short-Term Memory. Journal of Advances in Information Technology, 15(2), 219–232. doi:10.12720/jait.15.2.219-232.
[35] Zivkovic, M., Bacanin, N., Arandjelovic, J., Strumberger, I., & Venkatachalam, K. (2022). Firefly Algorithm and Deep Neural Network Approach for Intrusion Detection. Lecture Notes in Electrical Engineering, 925, 1–12. doi:10.1007/978-981-19-4831-2_1.
[36] Ali, M. H., Jaber, M. M., Abd, S. K., Rehman, A., Awan, M. J., Damaševičius, R., & Bahaj, S. A. (2022). Threat Analysis and Distributed Denial of Service (DDoS) Attack Recognition in the Internet of Things (IoT). Electronics (Switzerland), 11(3), 494. doi:10.3390/electronics11030494.
[37] Alzaqebah, A., Aljarah, I., Al-Kadi, O., & Damaševičius, R. (2022). A Modified Grey Wolf Optimization Algorithm for an Intrusion Detection System. Mathematics, 10(6), 999. doi:10.3390/math10060999.
[38] Kumar, G., Gupta, P., Yadav, G. K., Verma, R., Bhati, J. P., & Bhakuni, V. S. (2024). Evaluating the Effectiveness of Deep Learning Models in Network Intrusion Detection. 2024 International Conference on Cybernation and Computation, CYBERCOM 2024, 766–771. doi:10.1109/CYBERCOM63683.2024.10803243.
[39] Selvakumar, B., & Muneeswaran, K. (2019). Firefly algorithm based feature selection for network intrusion detection. Computers and Security, 81, 148–155. doi:10.1016/j.cose.2018.11.005.
[40] Toldinas, J., Venčkauskas, A., Damaševičius, R., Grigaliūnas, Š., Morkevičius, N., & Baranauskas, E. (2021). A novel approach for network intrusion detection using multistage deep learning image recognition. Electronics (Switzerland), 10(15), 1854. doi:10.3390/electronics10151854.
[41] Wang, B., & Gu, L. (2019). Detection of network intrusion threat based on the probabilistic neural network model. Information Technology and Control, 48(4), 618–625. doi:10.5755/j01.itc.48.4.24036.
[42] Tang, Y., Gu, L., & Wang, L. (2022). Deep stacking network for intrusion detection. Sensors, 22(1), 25. doi:10.3390/s22010025.
[43] Kohli, M., & Arora, S. (2018). Chaotic grey wolf optimization algorithm for constrained optimization problems. Journal of Computational Design and Engineering, 5(4), 458–472. doi:10.1016/j.jcde.2017.02.005.
[44] Arora, S., & Singh, S. (2017). An improved butterfly optimization algorithm with chaos. Journal of Intelligent and Fuzzy Systems, 32(1), 1079–1088. doi:10.3233/JIFS-16798.
[45] Abdelaziz, A., Santos, V., & Dias, M. S. (2023). Convolutional Neural Network with Genetic Algorithm for Predicting Energy Consumption in Public Buildings. IEEE Access, 11, 64049–64069. doi:10.1109/ACCESS.2023.3284470.
[46] Van Houdt, G., Mosquera, C., & Nápoles, G. (2020). A review on the long short-term memory model. Artificial Intelligence Review, 53(8), 5929–5955. doi:10.1007/s10462-020-09838-1.
[47] Shende, S., & Thorat, S. (2020). Long short-term memory (LSTM) deep learning method for intrusion detection in network security. International Journal of Engineering Research and, 9(6), 1016. doi:10.17577/ijertv9is061016.
[48] Aggarwal, P., & Sharma, S. K. (2015). Analysis of KDD Dataset Attributes - Class wise for Intrusion Detection. Procedia Computer Science, 57, 842–851. doi:10.1016/j.procs.2015.07.490.
[49] UNB (2025). Datasets: NSL-KDD website. Available online: http://nsl.cs.unb.ca/NSL-KDD/ (accessed on June 2025).
[50] Faisal, M., & Islam, M. S. (2023). Improving Network Security with Intrusion Detection Systems Utilizing Machine Learning and Deep Learning Techniques. 26th International Conference on Computer and Information Technology (ICCIT), 1-6. doi:10.1109/ICCIT60459.2023.10441582.
[51] Mynuddin, M., Khan, S. U., Chowdhury, Z. U., Islam, F., Islam, M. J., Hossain, M. I., & Ahad, D. M. A. (2024). Automatic network intrusion detection system using machine learning and deep learning. In 2024 IEEE International Conference on Artificial Intelligence and Mechatronics Systems (AIMS), 1-9. doi:10.1109/AIMS61812.2024.10512607.
[52] Almomani, A., Alweshah, M., Al Khalayleh, S., Al-Refai, M., & Qashi, R. (2019). Metaheuristic algorithms-based feature selection approach for intrusion detection. Machine Learning for Computer and Cyber Security, 184-208. doi:10.1201/9780429504044-8
[53] Vu, L., Bui, C. T., & Nguyen, Q. U. (2017). A deep learning based method for handling imbalanced problem in network traffic classification. Proceedings of the 8th international symposium on information and communication technology, 333-339. doi:10.1145/3155133.3155175.
[54] He, H., & Ma, Y. (2013). Imbalanced learning: Foundations, algorithms, and applications. Imbalanced Learning: Foundations, Algorithms, and Applications, John Wiley & Sons, New Jersey, United States. doi:10.1002/9781118646106.
[55] Tsukada, M., Kondo, M., & Matsutani, H. (2020). A neural network-based on-device learning anomaly detector for edge devices. IEEE Transactions on Computers, 69(7), 1027-1044. doi:10.1109/TC.2020.2973631.
[56] Liu, L., Wang, P., Lin, J., & Liu, L. (2020). Intrusion detection of imbalanced network traffic based on machine learning and deep learning. IEEE access, 9, 7550-7563. doi:10.1109/ACCESS.2020.3048198.
[57] Sun, Y., & Wang, Z. (2025). Intrusion detection in IoT and wireless networks using image-based neural network classification. Applied Soft Computing, 113236. doi:10.1016/j.asoc.2025.113236.
[58] Wojtuch, A., Jankowski, R., & Podlewska, S. (2021). How can SHAP values help to shape metabolic stability of chemical compounds? Journal of Cheminformatics, 13(1), 1–20. doi:10.1186/s13321-021-00542-y.
[59] Aljarah, I., Faris, H., & Mirjalili, S. (2018). Optimizing connection weights in neural networks using the whale optimization algorithm. Soft Computing, 22(1), 1–15. doi:10.1007/s00500-016-2442-1.
[60] Rani, M., & Gagandeep. (2022). Effective network intrusion detection by addressing class imbalance with deep neural networks multimedia tools and applications. Multimedia Tools and Applications, 81(6), 8499-8518. doi:10.1007/s11042-021-11747-6.
- This work (including HTML and PDF Files) is licensed under a Creative Commons Attribution 4.0 International License.
