Enhancing the Resilience of Portal Systems Using a Modified Lion Optimization Algorithm (MLOA) for Early Anomaly Detection Threshold against Cyber Threats
Keywords:
Anomaly Detection, Cybersecurity, Modified Lion Optimization Algorithm, Nature-Inspired Algorithms, Performance Metrics, Portal Systems, SSC-OCSVM, UNSW-NB15 Dataset
Abstract
This research introduces a hybrid anomaly detection model that integrates the Modified Lion Optimization Algorithm (MLOA) with the One-Class Support Vector Machine (OCSVM) to enhance the resilience of portal systems against advanced cyber threats, including Man-in-the-Middle (MitM) attacks, denial-of-service events, and data breaches. The MLOA-OCSVM model uses advanced preprocessing and feature selection techniques for high-dimensional datasets and incorporates real-time monitoring and alert systems. It achieves rapid anomaly detection and mitigation by optimizing decision boundaries and fine-tuning threshold parameters. In experimental evaluations, the MLOA-OCSVM significantly outperformed the Sub-Space Clustering One-Class Support Vector Machine (SSC-OCSVM) in identifying anomalies across various complexity levels. For simple anomalies it achieved a recall of 0.97, accuracy of 0.98, precision of 0.96, and ROC-AUC of 0.97; for moderate and high-complexity anomalies it maintained strong performance, with recall values of 0.92 and 0.90 and ROC-AUC scores of 0.94 and 0.92. These findings validate the model’s effectiveness in detecting zero-day attacks and contextual anomalies, establish a scalable, high-performance solution for modern portal system security, and showcase the practical application of nature-inspired optimization algorithms in real-world cybersecurity environments.