Cybersecurity poses considerable problems for Cloud Computing (CC), especially for Intrusion Detection Systems (IDSs), which struggle with skewed datasets and suboptimal classification model performance. This study presents the Hybrid Intrusion Detection System (HyIDS), an innovative IDS that employs the Energy Valley Optimizer (EVO) for Feature Selection (FS). Additionally, it introduces a novel technique for enhancing the cybersecurity of cloud computing by integrating machine learning methodologies with the EVO algorithm. EVO reduced the number of features in the CIC-DDoS2019 dataset from 88 to 38 and in the CSE-CIC-IDS2018 dataset from 80 to 43, significantly enhancing computing efficiency. HyIDS incorporates four Machine Learning (ML) models: Support Vector Machine (SVM), Random Forest (RF), Decision Tree (D_Tree), and K-Nearest Neighbors (KNN). The proposed HyIDS was assessed using two real-world intrusion datasets, CIC-DDoS2019 and CSE-CIC-IDS2018, both distinguished by considerable class imbalances. The CIC-DDoS2019 dataset has a significant imbalance between DDoS attack samples and legitimate traffic, while the CSE-CIC-IDS2018 dataset primarily comprises benign traffic with insufficient representation of attack types, complicating the detection of minority attacks. A downsampling technique was employed to balance the datasets, thereby improving detection efficacy for both benign and malicious traffic. Twenty-four experiments were conducted, revealing substantial improvements in classification accuracy, precision, and recall. Our proposed D_TreeEVO model attained an accuracy of 99.13% and an F1 score of 98.94% on the CIC-DDoS2019 dataset, and an accuracy of 99.78% and an F1 score of 99.70% on the CSE-CIC-IDS2018 dataset. These results demonstrate that EVO significantly improves cybersecurity in Cloud Computing (CC).
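The following sketch is an added example, not code from the study: it shows why class imbalance makes accuracy misleading for an IDS and what downsampling changes. It assumes random undersampling of every class to the size of the rarest one (the abstract does not say which downsampling technique was used), and the flow records, the 99:1 skew and all function names are constructed for illustration.

```python
import random
from collections import Counter, defaultdict

def downsample(rows, label_of, seed=0):
    """Randomly undersample every class to the size of the rarest class (assumed method)."""
    by_class = defaultdict(list)
    for row in rows:
        by_class[label_of(row)].append(row)
    n = min(len(members) for members in by_class.values())
    rng = random.Random(seed)  # fixed seed so the split is reproducible
    balanced = []
    for label in sorted(by_class):
        balanced.extend(rng.sample(by_class[label], n))
    rng.shuffle(balanced)
    return balanced

def accuracy_and_f1(y_true, y_pred, positive):
    """Overall accuracy plus the F1 score of one class treated as 'positive'."""
    pairs = list(zip(y_true, y_pred))
    tp = sum(t == positive and p == positive for t, p in pairs)
    fp = sum(t != positive and p == positive for t, p in pairs)
    fn = sum(t == positive and p != positive for t, p in pairs)
    accuracy = sum(t == p for t, p in pairs) / len(pairs)
    precision = tp / (tp + fp) if tp + fp else 0.0
    recall = tp / (tp + fn) if tp + fn else 0.0
    f1 = 2 * precision * recall / (precision + recall) if precision + recall else 0.0
    return accuracy, f1

# Constructed sample: 100 benign flows and 9,900 DDoS flows (hypothetical 99:1 skew).
FLOWS = [{"flow_id": i, "label": "BENIGN" if i < 100 else "DDoS"} for i in range(10_000)]

def compare():
    """Score a degenerate detector that labels every flow 'DDoS', before and after balancing."""
    skewed = [f["label"] for f in FLOWS]
    balanced = [f["label"] for f in downsample(FLOWS, lambda f: f["label"])]
    return {
        "skewed": accuracy_and_f1(skewed, ["DDoS"] * len(skewed), "BENIGN"),
        "balanced": accuracy_and_f1(balanced, ["DDoS"] * len(balanced), "BENIGN"),
        "balanced_counts": Counter(balanced),
    }

if __name__ == "__main__":
    for name, value in compare().items():
        print(name, value)
```

On the skewed data the useless detector still scores 99% accuracy, while its F1 for the minority class is zero. After balancing, accuracy falls to 50%, which is why the study reports F1 alongside accuracy.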