Anomaly Detection in a Portal System Network: A Review of Techniques, Challenges, and Future Directions

  • O.O. Green, Department of Information Communication Technology, Lagos State University of Education, Lagos, Nigeria
  • S.M. Yusuf, Department of Computer Engineering, Ahmadu Bello University, Zaria, Nigeria
  • M.B. Abdulrazaq, Department of Computer Engineering, Ahmadu Bello University, Zaria, Nigeria
  • B. Yahaya, Department of Computer Engineering, Ahmadu Bello University, Zaria, Nigeria
  • Z. Haruna, Department of Computer Engineering, Ahmadu Bello University, Zaria, Nigeria
  • A. Ore-Ofe, Department of Computer Engineering, Ahmadu Bello University, Zaria, Nigeria
  • S.O. Omogoye, Department of Electrical and Electronics Engineering, Lagos State University of Science and Technology, Lagos, Nigeria
  • A.S. Adegoke, Department of Computer Engineering, Lagos State University of Science and Technology, Lagos, Nigeria
  • S.O. Salami, Department of Computer Engineering, Lagos State University of Science and Technology, Lagos, Nigeria
Keywords: Anomaly Detection, Portal Systems, EMLOA, OCSVM, Hybrid Models, Cybersecurity, Explainable AI (XAI), Real-Time Monitoring, Threshold Optimization, Machine Learning

Abstract

Portal system networks are vital for education, governance, and corporate operations, but face growing risks from evolving cyber threats. This study proposes a hybrid anomaly detection framework that combines the Enhanced Modified Lion Optimization Algorithm (EMLOA) with One-Class Support Vector Machines (OCSVM) to enhance threat detection in such environments. Unlike traditional rule-based or statistical methods, which lack adaptability, or conventional machine learning techniques that demand extensive labeled data and computational power, the EMLOA-OCSVM model achieves high accuracy (99.9%), low training latency (3.05 seconds), and scalability in dynamic settings. The framework employs a sigmoid function-based strategy to dynamically optimize hyperparameters (γ and ν), enhancing convergence speed and detection performance. Evaluations using the UNSW-NB15 dataset (reflecting modern attack patterns) and real-world logs from Lagos State University of Education (LASUED) demonstrate the model’s practical relevance. Key innovations include dynamic threshold tuning and improved interpretability, reducing false positives without sacrificing efficiency. Robust performance is confirmed through accuracy, precision, recall, F1-score, and ROC-AUC metrics. Future research should prioritize lightweight, explainable hybrid models capable of countering advanced threats while maintaining system performance.

Published
2025-07-27
How to Cite
Green, O., Yusuf, S., Abdulrazaq, M., Yahaya, B., Haruna, Z., Ore-Ofe, A., Omogoye, S., Adegoke, A., & Salami, S. (2025). Anomaly Detection in a Portal System Network: A Review of Techniques, Challenges, and Future Directions. European Scientific Journal, ESJ, 43, 638. Retrieved from https://eujournal.org/index.php/esj/article/view/19810
Section
ESI Preprints