Anomaly Detection in Portal System Networks: A Hybrid EMLOA-OCSVM Approach and Review of Challenges
Abstract
Portal system networks are vital for education, governance, and corporate operations, but face growing risks from evolving cyber threats. This study proposes a hybrid anomaly detection framework that combines the Enhanced Modified Lion Optimization Algorithm (EMLOA) with One-Class Support Vector Machines (OCSVM) to enhance threat detection in such environments. Unlike traditional rule-based or statistical methods, which lack adaptability, or conventional machine learning techniques that demand extensive labeled data and computational power, the EMLOA-OCSVM model achieves high accuracy (99.9%), low training latency (3.05 seconds), and scalability in dynamic settings. The framework employs a sigmoid function-based strategy to dynamically optimize hyperparameters (γ and ν), enhancing convergence speed and detection performance. Evaluations using the UNSW-NB15 dataset (reflecting modern attack patterns) and real-world logs from Lagos State University of Education (LASUED) demonstrate the model’s practical relevance. Key innovations include dynamic threshold tuning and improved interpretability, reducing false positives without sacrificing efficiency. Robust performance is confirmed through accuracy, precision, recall, F1-score, and ROC-AUC metrics. Future research should prioritize lightweight, explainable hybrid models capable of countering advanced threats while maintaining system performance.
Downloads
Metrics
PlumX Statistics
References
2. Alqahtani, A., & Alshaher, H. (2024). Anomaly-Based Intrusion Detection Systems Using Machine Learning. Journal of Cybersecurity and Information Management, 14(1), 20–33. https://doi.org/10.54216/JCIM.140102
3. Analysis, I., & Vision, C. (2019). Computing Anomaly Score Threshold with Autoencoders Pipeline. Computing Anomaly Score Threshold with Autoencoders Pipeline, 11401, 1–16. https://doi.org/https://doi.org/1 0.1 007/97 8-3-030-1 3469-3_28
4. Aug, L. G. (2023). Semi-supervised detection of structural damage using Variational Autoencoder and a One-Class Support Vector Machine ⋆. 2023, 1–32. https://doi.org/10.1109/ACCESS.2023.3291674
5. Bablu, T. A. (2025). Machine Learning for Anomaly Detection : A Review of Techniques and Applications in Various Domains. 07(February), 1–17. https://doi.org/https://www.researchgate.net/publication/389038707_Machine_Learning_for_Anomaly_Detection_A_Review_of_Techniques_and_Applications_in_Various_Domains
6. Bin Yu, Zongzheng Zhang, Wenshu Xie, Wenjia Zuo, Yiming Zhao, and Y. W. (2023). Gaussian Mixture Model. 1–9. https://doi.org/doi.org/10.3390/electronics12061397
7. Cipra, T. (2020). Box Jenkins Methodology ARIMA Model. https://link.springer.com/chapter/10.1007/978-3-030-46347-2_6#citeas
8. Claudius, M., & Andersen, J. P. (2022). Unsupervised Learning The basics , K-Means , DBScan What is Unsupervised Learning ( UL ) (02.11.2021 03.11.2020 revised 25.04.2021 & 06.04.2022 (eds.); pp. 1–20). https://micl-easj.dk/Machine Learning/Overheads/ML Slides Chapter 9 Unsupervised Learning.pdf
9. Danijela Protic, Miomir Stankovic, V. A. (2022). Wk-fnn design for detection of anomalies in the computer network traffic. Facta Universitatis - Series: Electronics and Energetics, 35(2), 269–282. https://doi.org/10.2298/fuee2202269p
10. Darveau, K., Hannon, D., & Foster, C. (2020). A comparison of rule-based and machine learning models for classification of human factors aviation safety event reports. Proceedings of the Human Factors and Ergonomics Society, 64(1), 129–133. https://doi.org/10.1177/1071181320641034
11. Dejana Ugrenovic, Jens Vankeirsbilck, D. P., & Tom Holvoet, jeroen B. (2020). Designing Out-of-distribution Data Detection.pdf. International Scientific Conference Electronics, 16–18. https://doi.org/978-1-7281-7426-6/20/$31.00
12. Emesoronye, S. (2024). Rule-Based vs . Machine Learning- Based Cybersecurity : Understanding the Differences Limitations : 1–4. https://doi.org/https://www.linkedin.com/pulse/rule-based-vs-machine-learning-based-cybersecurity-obinna-emesoronye-lnj1e/
13. Encyclopedia. (2025). k -means clustering (online, pp. 1–19). https://doi.org/https://en.wikipedia.org/wiki/K-means_clustering
14. Fernandes, G., Rodrigues, J. J. P. C., Carvalho, L. F., Al-Muhtadi, J. F., & Proença, M. L. (2022). A comprehensive survey on network anomaly detection. Telecommunication Systems, 70(3), 447–489. https://doi.org/10.1007/s11235-018-0475-8
15. Green, O. O. (2025). Enhancing Portal System Resilience with a Modified Lion Optimization Algorithm ( MLOA ) for Cyber Threat Detection. 21(2025), 61–85. https://doi.org/10.19044/esj.2025.v21n9p61
16. Hashmi, A., & Ahmad, T. (2020). FAAD : A Self-Optimizing Algorithm for Anomaly Detection. 17(2), 272–280. https://doi.org/doi.org/10.34028/iajit/17/2/16
17. Mittal, A., Gupta, A., Bhoomi, & Agarwal, K. (2024). Anomaly Detection in Cybersecurity: Leveraging Machine Learning for Intrusion Detection. Proceedings of International Conference on Communication, Computer Sciences and Engineering, IC3SE 2024, December, 331–335. https://doi.org/10.1109/IC3SE62002.2024.10592923
18. Moore, S. (2025). Behavior Anomaly Detection : Techniques and Best Practices. 1–11. https://doi.org/https://www.exabeam.com/explainers/ueba/behavior-anomaly-detection-techniques-and-best-practices
19. Paganini, P. (2023). The University of Manchester suffered a cyber attack and suspects a data breach. Security Affairs. https://i0.wp.com/securityaffairs.com/wp-content/uploads/2023/06/University-of-Manchester.png?ssl=1
20. Patrick, B., & Huston, F. (2025). A Survey on Supervised vs Unsupervised Learning Models for Network Intrusion Detection. April, 6. https://www.researchgate.net/publication/390747025_A_Survey_on_Supervised_vs_Unsupervised_Learning_Models_for_Network_Intrusion_Detection
21. Pu, G., Wang, L., Shen, J., & Dong, F. (2021). A Hybrid Unsupervised Clustering-Based Anomaly Detection Method. 26(1007–0214), 146–153. https://doi.org/10 . 26599 /TST. 2019 . 9010051
22. Rajakumar, B. R. (2012). The Lion’s Algorithm: A New Nature-Inspired Search Algorithm. Procedia Technology, 6, 126–135. https://doi.org/10.1016/j.protcy.2012.10.016
23. Rasim M. Alguliyev, R. M. A., & Fargana J. Abdullayeva. (2019). PSO+K-means Algorithm for Anomaly Detection in Big Data. STATISTICS, OPTIMIZATION AND INFORMATION COMPUTING, 7, 348–359. https://doi.org/: 10.19139/soic.v7i2.623
24. Rousseeuw, P. J., & Hubert, M. (2018). Anomaly detection by robust statistics. Wiley Interdisciplinary Reviews: Data Mining and Knowledge Discovery, 8(2), 1–14. https://doi.org/10.1002/widm.1236
25. Rožanec, J., Trajkova, E., Kenda, K., Fortuna, B., & Mladenić, D. (2021). Explaining bad forecasts in global time series models. Applied Sciences (Switzerland), 11(19), 1–23. https://doi.org/10.3390/app11199243
26. Trebar, M. (2021). Analysis of Machine Learning Algorithms for Anomaly Detection on Edge Devices. 1–22. https://doi.org/10.3390/s21144946%0AFaculty
27. Ukagwu, T. J. and L. (2023, March 15). Almost 13 million cyber attacks recorded during polls –FG. Punch, 1–3. https://cdn.punchng.com/wp-content/uploads/2023/02/16205355/ISA-PANTAMI.jpg
28. Yuan, Y. (2022). A Modified Hybrid Method Based on PSO , GA , and K-Means for Network Anomaly Detection. 2022, 1–10. https://doi.org/10.1155/2022/5985426
29. Almufti, S. M. (2015). U-Turning Ant Colony Algorithm powered by Great Deluge Algorithm for the solution of TSP Problem [Eastern Mediterranean University]. https://doi.org/https://www.researchgate.net/publication/318014104_U-Turning_Ant_Colony_Algorithm_powered_by_Great_Deluge_Algorithm_for_the_solution_of_TSP_Problem
Copyright (c) 2025 O.O. Green, S.M. Yusuf, M.B. Abdulrazaq, B. Yahaya, Z. Haruna, A. Ore-Ofe, S.O. Omogoye, A.S. Adegoke, S.O. Salami

This work is licensed under a Creative Commons Attribution 4.0 International License.