Metaheuristic Optimization in Machine Learning for Cyber Attack Detection: A Review of Techniques and Applications

Abstract

The speed of cyber-attacks and the increasing complexity of cyber theft has made intrusion detection a focal point in today's cybersecurity environment. The present paper is an overview of metaheuristic optimization techniques to detect cyber-attacks using machine learning. The purpose of this survey is to review the use of metaheuristic algorithms in the improvement of intrusion detection systems (IDSs) in terms of feature selection, parameter optimization, and multi-objective optimization. This survey covers the main work that uses single-objective and multi-objective metaheuristic algorithms such as evolutionary algorithms, swarm intelligence algorithms, and hybrid metaheuristic optimization approaches. The papers are reviewed in terms of their use for IDS tasks, use of single-objective and/or multi-objective optimization, and their performance using benchmarking datasets. The survey shows some of the trends: metaheuristic algorithms are highly effective for feature selection, classification performance, and a combination of detection rate and false alarm rate. And hybrid solutions that use metaheuristic algorithms and machine learning / deep learning algorithms, such as Convolutional Neural Networks (CNN) and Gradient Boosting, are more effective than single solutions. The advantages are clear, yet the research also intersects some of the challenges related to the methods, including scalability, efficiency, interpretability, and adversarial attack resistance. Based on these insights, future research will focus on developing adaptive and scalable optimisation approaches, integrating optimisation approaches into real-time and distributed systems, and designing interpretable and robust IDS. This survey offers a practical perspective on the metaheuristic optimisation for cyber-attack detection techniques, and the use of metaheuristic optimisation in designing efficient and scalable IDS