An Optimization Model for Appraising Intrusion-Detection Systems for Network Security Communications: Applications, Challenges, and Solutions

Mohamed Abdel-Basset; Abduallah Gamal; Karam M Sallam; Ibrahim Elgendi; Kumudu Munasinghe; Abbas Jamalipour

doi:10.3390/s22114123

An Optimization Model for Appraising Intrusion-Detection Systems for Network Security Communications: Applications, Challenges, and Solutions

Sensors (Basel). 2022 May 29;22(11):4123. doi: 10.3390/s22114123.

Authors

Mohamed Abdel-Basset¹, Abduallah Gamal¹, Karam M Sallam², Ibrahim Elgendi², Kumudu Munasinghe², Abbas Jamalipour³

Affiliations

¹ Faculty of Computers and Informatics, Zagazig University, Zagazig 44519, Egypt.
² School of IT and Systems, University of Canberra, Canberra, ACT 2601, Australia.
³ School of Electrical and Information Engineering, The University of Sydney, Sydney, NSW 2006, Australia.

Abstract

Cyber-attacks are getting increasingly complex, and as a result, the functional concerns of intrusion-detection systems (IDSs) are becoming increasingly difficult to resolve. The credibility of security services, such as privacy preservation, authenticity, and accessibility, may be jeopardized if breaches are not detected. Different organizations currently utilize a variety of tactics, strategies, and technology to protect the systems' credibility in order to combat these dangers. Safeguarding approaches include establishing rules and procedures, developing user awareness, deploying firewall and verification systems, regulating system access, and forming computer-issue management groups. The effectiveness of intrusion-detection systems is not sufficiently recognized. IDS is used in businesses to examine possibly harmful tendencies occurring in technological environments. Determining an effective IDS is a complex task for organizations that require consideration of many key criteria and their sub-aspects. To deal with these multiple and interrelated criteria and their sub-aspects, a multi-criteria decision-making (MCMD) approach was applied. These criteria and their sub-aspects can also include some ambiguity and uncertainty, and thus they were treated using q-rung orthopair fuzzy sets (q-ROFS) and q-rung orthopair fuzzy numbers (q-ROFNs). Additionally, the problem of combining expert and specialist opinions was dealt with using the q-rung orthopair fuzzy weighted geometric (q-ROFWG). Initially, the entropy method was applied to assess the priorities of the key criteria and their sub-aspects. Then, the combined compromised solution (CoCoSo) method was applied to evaluate six IDSs according to their effectiveness and reliability. Afterward, comparative and sensitivity analyses were performed to confirm the stability, reliability, and performance of the proposed approach. The findings indicate that most of the IDSs appear to be systems with high potential. According to the results, Suricata is the best IDS that relies on multi-threading performance.

Keywords: MCDM; cyber-attacks; intrusion-detection system; q-ROFWG; q-rung orthopair fuzzy sets.

MeSH terms

Communication*
Fuzzy Logic*
Reproducibility of Results
Uncertainty

Grants and funding

This research received no external funding.