Abstract

Mobile devices are frequently attacked by malware to steal data, credit card information and disrupt operations. The objective of this paper is to develop and hybridize Network intrusion detection system (NIDS) and automated Network intrusion response system (ANIRS) to not only detect malware but provide countermeasures to the attacks and safeguard the target objects. National science laboratory- knowledge discovery in databases (NSL-KDD) dataset was used, although imbalanced. Categorical features such as protocols, services and flags, were converted to numerical values using OneHotEncoder. The dataset was then normalized using min-max normalization technique. Principal component analysis was used to collapse original features to a new but smaller dataset; and then split into training dataset (80%) and test dataset (20%). To develop the NIDS, AdaBoost algorithm was used to train base classifiers such as decision tree, support vector machine and logistic regression, but k-nearest neighbor applied Euclidean distance measure to compute the labels of the target objects. The predictions of the trained models and k-nearest neighbor were aggregated to produce a consensus model called hard vote, which predicts the test dataset to normal and malware labels. Malware labels are grouped into denial of service (DOS), Probe, user to root (U2R) and remote to local (R2L) and passed to ANIRS as input. ANIRS then dynamically generates a set of rules that were used to analyze, prioritize and select optimum response to each attack type. Fuzzy ELECTRE III method was used in prioritizing response actions. Given the imbalanced dataset, the F1-score performance metric of three models that performed best are KNN (91.36%), Hard vote (91.36%) and LR (86.22%). Similarly, countermeasures to malware attacks include DOS: reset connection; Probe: block attacker’s IP address; and U2R and R2L: disable user. This paper successfully prioritized countermeasures to detected intrusions and safeguard the target objects.

References

• Gamao, A. O. 2018 Malware Analysis on Android Applications: A Permission Based Approach. ResearchGate. DOI: 10.18535/SSHJ/v2i10.109.
• Inayat, Z., Garis, A., Anuar, N. B; Khan, M. K. 2016, Intrusion Response Systems: Foundations, Design, and Challenges. Journal of Network and Computer Applications, 62, 53 – 74, http://dex.doi.org/10.1016/j.jnca.2015.006
• Atkinson, M. 2015, An Analysis of Android Application Permissions. Internet and Technology. Pew Research Center.
• Verizon 2018. Data Breach Investigations Report, www.verizonenterprise.com/Federal.
• Group Special Mobile Association (GSMA) 2019. Mobile telecommunications security threat landscape. Floor 2, the Walbrook Building, 25 Walbrook, London EC4N 8AF United Kingdom.
• Stein, J. 2020. Data Breach Report, North Carolina Department of Justice. www.ncdoj.gov/complaint
• Marchioro,T., Saroui, R., Oliverau, A, 2025. Network Intrusion Response System: Towards Standardized Evaluation of Intrusion Response. ESORICS: 30TH European Symposium of Research in Toulouse, France. Hal- 05294762. https://hal.scioence/hal-05294762
• Singh, D.K. & Kaushik, P. 2018. Framework for Fuzzy Rule Base Automatic intrusion Response Selection System (FRA IRSS) Using Fuzzy AnalyticHierarchy Process and Fuzzy TOPSIS. Journal of Intelligent and Systems, DOI: 10.3233/JIFS- 18350
• Shojaie, A. A., Babaie, S., Sayah, E., & Mohammeditabar, D. 2016. Analysis and Prioritization of Green Health Suppliers Using Fuzzy ELECTRE Method with a Case Study. Global Journal of Flexible Systems Management. DOI: 10.1007/s40171- 0171-017-0168-2
• Singh, D.K. & Kaushik, P. 2016. Analysis of Decision Making Factors for Automated Intrusion Response System (AIRS): A Review. International Journal of Computer Science and Information Security (IJCSIS), 14(6)
• Singh, D.K. & Kaushik, P. 2019. Intrusion Response Prioritization Based on Fuzzy ELECTRE Multiple Criteria Decision-Making Technique. Journal of Information Security and Applications, 48, 102359.
• Alamleh, A., Albahri, O. S., Zaidan, A. A., Alamoodi, A. H., Albahri, A. H., Albahri, A. S., Zaidan, B. B., Qahtan, S., Binti Ismail, A.R., Malik, R. O., Baqer, M. J., Jasin, A. N., Al-Samarraay, M.S. 2022. Multi-Attribute Decision Making for Intrusion Detection Systems: A Systematic Review. International Journal of Information Technology and Decision Making, 22(01), 589 – 636, DOI: 10.1142/S021962202230004X
• Horta, A. 2021. Scikit-MCDM: The Python Library for Multi-Criteria Decision aid, ver. 0.21 [Open source. Available in https://github,com/cybercrafter.com
• Komsiyah, S., Wongso, R., Scalisi, S.W. 2019. Applications of the fuzzy ELECTRE method for decision support systems of cement vendor selection. 4th International Conference on Computer Science and Computational Intelligence (ICCSCI), 157, 479 – 488.
• Satman, M. H., Yildirim, B.F. & Kuruca, E. 2021. JMcDM: A Julia Package for Multiple Criteria Decision–Making Tools. The Journal of Open Source Software.
• Belbag, S., Gungordu, A., Yumusak, T., and Yilmaz, K. G. 2016. The Evaluation of Smartphone Brand Choice: Application With the Fuzzy ELECTRE I Method. International Journal of Business and Management Invention, 5(3), 5 – 63.
• Yucel, M.G. & Gorener, D. 2016 Decision making for company acquisition by ELECTRE method. International Journal of Supply Chain Management, 5(1).
• Odu, G. O., 2019. Weighting Methods or Multi-criteria Decision Making Techniques. Journal of Applied Science Environmental Management, 23(8): 1449 - 1457. https://dx.doi.org/10.4314/jasen.v23i87 [
• Nejat, S.K. & Kabiri, P. 2017. An adaptive and cost-based intrusion response system, Cybernetic and Systems. DOI: 10.1018/01969722.2017.1319693.
• Wu, M. 2019. Comparative study of ELECTRE methods with intuitionistic fuzzy sets applied on consumer decision making case. EJERS, European Journal of Engineering Research and Science, 4(10).
• Akmaludin, B. M., Marlinda, L., Dalix, S.S., & Santoso, B. 2018. The Employee Promotion Based on Specification job’s Performance Using: MCDM, AHP and ELECTRE METHODS. The 6th International Conference on Cyber and IT Service Management (CITSM).
• Khan, M. & Ansari, M. D. 2020. Multi-criteria software quality model selection based on divergence measure and score function. Journal of Intelligent and Fuzzy Systems 38(2020) 3179-31-3188. DOI:10.3233/JIFS-191/153.
• Liu, Y. & Du, J. A. 2020. multi-criteria decision support framework for renewable energy storage technology selection. Journal of Cleaner Production 277 (2020), 122183. https://doi.org/10.1016/j.jclepro.2020.122.183
• Sonkar, N. 2025. Establishing a Cybersecurity and Privacy Practice in Mid-Sized Consulting. A Blueprint for Scalable Risk Adversary Services. https://dx.doi.org/10.2139/ssrn.5253056
• Panchal, P. B. 2025. Use of Integrated Intelligence Scheduling System (IISS for Heavy Civil Construction Projects. Journal of Emerging Technology and Innovative Research, 12(5):a800 – a815. https://doi.org/10.56975/jetir.v12i5.560867
• Singh, B. 2025. Securing the Network Future: AI, Resilience and Human Centric Design. Notion Press, https://direct.notionpress.com/in/read/securing-the-ntelligence-future-and-human-centric-design-hardcover/
• Kumar, L.K.S., Uyyala, R., Gera, J., Asulu, A.L.S., Sasirekha, P., Krishna, K.R. 2025. AI-Powered Intrusion Response for Intelligent Vehicular Ecosystem. Journal of Theoretical and Applied Information Technology, 103(16):6279-6288.
• Iturbe, E., Rego, A., Llorete-Vaquez, O., Rios, E., Dalamagkas, C., Merkouris, D., Toledo, N. 2025. Reinforcement Learning in Actin: Powering Intelligent Intrusion Responses to Advanced Cyberthreats in Realistic Scenarios. Expert Systems with Applications, 296(2026)129168. https://doi.org/10.1016/j.eswa.2025.129168
• Tiger, Z. and Smith, J. 2025. Hybrid AI-SDN Framework for Adaptive Zero Trust Security with Real-Time Intrusion Response. Multidisciplinary Innovations and Research Analysis, 6(1):21 – 27.
• Molina, S.B., Marmol, F.C., Nespoli, P. 2024. Tackling Cyber Attacks Through AI-Based Reactive Systems: A Holistic Review and Future Vision. arXiv:2312.06229v2 [cs.CR].
• Bashendy, M., Tantawy, A., and Erradi, A. 2024. Autonomous Response Agent for Cyber Physical System Attacks: A Model-Free Deep Reinforcement Learning Approach (DRL-IRS). ResearchGate. https://dx.doi.org/10.2139/ssrn.4716080
• Xue, Q., Zhang, Z., and Wang, M. 2025. Industrial Internet Response Based on Explainable Deep Learning. Electrnics, 14, 987.
• Bala, R. and Nagpal, R. 2019. A review on kdd cup99 and nsl-kdd dataset. International Journal of Advanced Research in Computer Science, 10(2).
• Arifuddin A., Buana G.S., Vinarti R.A., Djunaidy A. 2024. Performance comparison of decision tree and support vector machine algorithms for heart failure prediction. Procedia Computer Science, 1234:628-36.
• Belal, M. M. and Sundaram, D. M. 2023. An Intelligent Protection Framework for Intrusion Detection in Cloud Environment Based on Covariance Matrix Self- adaptation Evolution Strategy and Multi-Criteria Decision Making. Journal of Intelligent and Fuzzy Systems, 44(6), 8971 – 9001. DOI: 10.3233/JIFS-224135
• Madhavi, S., Santhosh, N, C., Rajkumar, S., and Praveen, R. 2023. Pythagorean Fuzzy Set Based VIKOR and TOPSIS Based Multi Criteria Decision Making Modelsor Mitigating Resources Deletion Attacks in WSNs. Journal of Intelligent and Fuzzy Systems, 44(6), 9441 – 9459. DOI: 10.3233/JIFS-224141
• GitHub Inc. 2020. NSL-KDD Dataset, https://www.github.com