Anti-intrusion strategy MANET inspired by the bacterial foraging optimization algorithm

Mobile ad hoc networks (MANET) are reflexivity, fast, versatile wireless networks that are particularly useful when traditional radio infrastructure is unavailable, such as during outdoor events, natural disasters, and military operations. Security may be the weakest link in a network due to its dynamic topology, which leaves it susceptible to eavesdropping, rerouting, and application modifications. More security problems with MANET exist than with its service Quality of Service (QoS). Therefore, intrusion detection, which controls the system to find further security issues, is strongly suggested. Keeping an eye out for intrusions is essential to forestall future attacks and beef up security. If a mobile node loses its power supply, it may be unable to continue forwarding packets, which depends on the structure's condition. The proposed study presents a security of trust and optimization that conserves energy methods for MANETs based on integrating the K means algorithm and Bacteria Foraging Optimization Algorithm (KBFOA). This work proposes a method for quickly and accurately determining which nodes should serve as Cluster Heads (CHs) by K means algorithm. This approach aims to choose a node with a high Sustainable Cell (SC) rate as the Header of a Cluster (HC). Each node will calculate its SC according to its unique factors, such as energy consumption, degree, remaining energy, mobility, and distance from the HC and base stations. The security of MANETs is improved by the inclusion of an algorithm in the proposed approach that detects and eliminates rogue nodes. This suggested approach will increase network stability and performance using a high-sustainable cluster head. The proposed approach will be achieved the highest reliability of clustering rate of 97%. The intended research will be accomplished Maximum security measures rate will be accomplished by 96%, the maximum rate of data transmission will be obtained of 96%, and greater efficient detection of malicious nodes ratio will be enhanced by 95%, lower energy consumption rate will be achieved by 0.09 m joules. © 2023 by the authors. Licensee SSBFNET, Istanbul, Turkey. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).


Introduction
Each mobile node in a MANET (Srilakshmi, 2020) is equipped through a wireless spreader and recipient to enable two-way wireless communication. The following are the primary drivers of the prevalence of MANETs, which enable the conveyance of data with similar features (Banoth & Narsimha, 2021): The transmission, unlike the prior one, has a far limited range, restricting data exchange to only two nodes in the system. Unfortunately, despite improvements in battery life technology, a substantial barrier to the extensive usage of power battery gadgets consumes remained. To overcome this barrier, further research into an efficient procedure, stage, and machinery plan is necessary. Powering a MANET's nodes may come from a variety of sources, including batteries and massive power plants. As the MANET's performance is severely hampered by the short lifespan of the power source (Mohammad et al, 2021). The strict energy constraints placed on mobile nodes make the development of MANET routing protocols particularly challenging. The potential applications of MANET technology in real-time routing algorithms that minimize energy consumption are the deciding factor. Due to inefficiencies in central coordination and the ever-changing nature of the network, mobile nodes use more energy and exhaust their batteries more rapidly (Bhanumathi et al, 2021). of the channel's direct communication architecture. Potential threats in the MANET are exacerbated by the network's reliance on open and transparent communication protocols (Mohammad et al, 2021). Open communication makes providing safe and reliable routing in such a network challenging. MANET routing protocols may be divided into three broad groups based on their architecture and routing mechanism. There are a few types of routing protocols (1) that are proactive, (2) that are reactive, and (3) that are hybrid. Classification of routing protocols according to Routing Methods, Routing Architecture, Route Selection, Route, Routing Table, Route Maintenance, Protocol Operations, Protocol Operations, Strength, and Weakness. Proactive protocols create and update a routing table before any interaction occurs. Routing protocols rely on the periodic exchange of data packets to perform route establishment and route maintenance. The MANET incurs additional processing time because it transmits data packets to set up and maintain routes. Proactive routing systems are well-suited for low-density networks (Reham et al, 2019).
The use of a wireless connection and a variety of devices in a network without a fixed Internet Protocol (IP) address does not eliminate the need for many standard intrusion-detection processes and implementations, which has far-reaching consequences. The incidence of man-in-the-middle attacks rises in conjunction with the popularity for integrated and intelligent devices (Ranjita, et al, 2021). Because of the potential for poor protocol pack transmission, false alarms and accusations of nodes from networks are quite common. The user's movement within the system breaks transmissions and provides many paths, increasing poor protocol transmission potential. In contrast to wired IP networks' switches, routers, and firewalls, wireless networks' lack of these core components makes it difficult to monitor traffic for malicious activity (Venkanna, et al, 2015). Without a deterministic method, routing is one of the most challenging tasks humans face. Optimization methods are used to show the most cost-effective routes among a large set of potential routes (Aghbari, et al, 2020). A computer system's intrusion detection tool keeps tabs on and analyzes suspicious activity. Techniques for modeling and uncovering unusual behaviors and advanced procedures are included in an IDS. They look for signs of harm to the network to stop it. Automatic data collection from several systems and network sources and subsequent analysis for security flaws is a common method for achieving this goal (Ismail, et al, 2013). The absence of rigorous approaches for designing and analyzing peer-to-peer mobile networks drives an in-depth study of this topic. Effective strategies for linking the nodes have been developed to reduce the system's latency while increasing its throughput (ElHalawany, et al 2020).
Ad hoc network clustering is the theoretical grouping of nodes that share some characteristic into distinct subsets termed "Cluster." When it comes to the members of other clusters, a given element is very different while showing high levels of similarity within its group . The "Cluster head" node is used to uniquely identify each cluster. As a result of clustering, a node need not have the whole network topology in its memory. The processing of the global topology is streamlined as a result. The blackhole assaults of MANET are identified and the pattern linked to internal and external intruders is examined by the suggested multi level IDS for MANET utilizing clustering approach. K-Means clustering is used to categorize attacks, and the cluster head is used to choose which nodes to include in the chosen list. As a result, the number of control messages the routing system has to send out is reduced, as is the size of the routing tables .
The main objectives of the proposed paper are as follows.
i. Implement MANETs based on the K means Clustering and Bacteria Foraging Optimization Algorithm (KBFOA) for intrusion detection of the system. ii.
Combining BFOA and K means the algorithm employed to choosing a CH and identifying intruding nodes are essential components of the iterative routing protocol's security. The maximum trust of straight and unintended trust values is used to determine the CH selected. As part of an effective and detectable routing strategy, the threshold value notion is employed to identify the intruded node. iii.
Even though the suggested method makes use of the BFOA's benefits, a healthy equilibrium may be achieved between the algorithm's mining and modification phases. After an assault that drops packets is identified, the simulation findings will be compared to the real ones.
The outstanding divisions of this project are structured as follows: Section 1 displays the works relevant to the topic. In Section 2, break out the proposed KBFOA. The conclusion of a suggested technique and an explanation are provided in Section 3.

Literature Review
Since each node in a MANET needs to keep its Invasion Detection System (IDS) running at all times, the network uses more energy.
In light of this, Rathish et al. (2021) developed an approach of clustering for networks. The CH detection is required to build the route Weighted Clustering Algorithm used to build paths and reduce communication overhead. The goal of the suggested Distributed Clustering Algorithm Dependent Invader Detection System (DCAIDS) is to minimize transmission delays across a network. Intruder detection systems (IDS) can identify which nodes are being targeted by an assault and remove them from the cluster. If the receiving node wants to keep delivering the right data packets, it has to confirm receipt of the transmission with an RREP message. Establishing a route that is both efficient and delay-tolerant improves MANET's dependability.
A number of attacks may be used to disrupt connections in AdHoc networks that use the AODV (Ad hoc On-Demand Distance Vector Routing) protocol, which is one sort of MANET routing technology. In this paper, Fu et al (2019) investigate the security flaws in the AODV protocol by modeling it using one kind of Automata. The existing suggest an improvement to the procedure to defend against Black Hole Attacks (BHA). This existing paper also built the improvement into the NS3 simulator and confirmed its accuracy, usability, and efficiency. Bondada et al, 2022 propose a safe and energy-efficient routing protocol for MANETs, which are vulnerable to major security risks that are difficult to counter using the current security methods. When using asymmetric key cryptography, two nodes, the Calculator Key (CK) and the Distribution Key (DK), are utilized. Keys are generated, validated, and dispersed across these two nodes. Consequently, the work required to generate the private keys at other nodes is eliminated. These nodes are chosen based on their low energy use and high trustworthiness. Existing routing systems often have nodes that generate and disperse their secret keys, which may waste a lot of power. Security is expected to be breached if even a single node is hacked. The network's security is not at risk if the CK and DK are hacked.
Due to MANET distributed nature, network complicates the development of a multi-path QoS routing security method blockchain. Ran et al, 2021 suggested the AODV-MQS protocol as an enhancement to the standard AODV (ad hoc on-demand distance vector) protocol. At begin, a network chain is created, with intermediary nodes used to collect the statuses of entire knobs in the chain. Second, the QoS limitations are used by the blockchain's smart contract to weed out any nodes that don't measure up to the required standards. In summary, the blockchain network's smart contract reveals two major, independent channels for exchanging data: the primary route and a secondary backup channel.
Srilakshmi et al, 2021 developed the solutions offered in the literature for protecting routing to address various security concerns. In order to increase reliability in wireless networks, multipath routing has mostly replaced the original single-path routing. This article describes the Genetic Method with Hill Climbing (GAHC) routing protocol, which uses a combined GA and Hill Climbing algorithm to determine the best path in a multipath environment. Prior to this, the CH was first selected in a predicted fashion based on recent, indirect, and direct trust as part of the Improved fuzzy C-means algorithm approach, which itself was initially constructed on the density peak. The value of the nodes used in the calculation is dependent on the threshold of trust that is discovered in addition. The ideal route is selected using a combination of the anticipated hybrid protocol and the aggregate attributes of the optimal route, including throughput, latency, and connection, and in this process, even CH participates in the other pathways.
Sundaram et al, 2021 developed a Zone Based Hierarchical Link State Routing Protocol (ZHLS) is an example of a integrated protocol since it does not permit many inside assaults that originate from malicious nodes. The involvement of a third party in the routing system introduces the possibility of data loss and may impede the routing process. ZHLS Security is improved by including SHA256, AES, and DH in MANETS to address this issue. Multiple established forms of Security are integrated with MANETS routing protocols. In this thesis, I propose a protocol called ZHLS that combines the usage of the Advanced Encryption Standard (AES) with the use of secure hash algorithms to ensure the safety of sensitive data. Deffi-Hellman is used to keep information secret while it is being sent between different nodes. The suggested technique ensures the privacy of the sent data by using AES on the symbol and the authentication process.
This existing study's overarching goal is to create a MANET-optimized routing algorithm that is both efficient and safe. In this case, the KBFOA. The secure iterative routing method may be implemented when an Intruder Node (IN) is identified and eliminated. Choosing a CH is based on the highest combined value of the previous, current, and past trust. Effective and undetectable routing is achieved using the threshold value idea to identify the intruded node. In order to proceed, it is necessary to determine which CHs in MANETS' natural surroundings had the total worth of indirect, direct, and recent hope. Next, the BFOA accesses an intrusion detection mechanism to identify compromised nodes and safeguard the uninterrupted distribution of all packages from their source to final terminus. The stated purpose function is contingent on the path's capabilities, capacity, and connection. Even though the suggested method uses the BFOA's benefits, a healthy equilibrium may be achieved between the algorithm's mining and modification phases. After an attack technique known as "packet dropping" has been identified, the finals had been related to the real ones.

Suggested Optimizations Algorithm
MANETs rely on effective routing to move data from origin to destination to minimize the amount of data lost during transmission. In addition, the KBFOA is created, which extends the system's lifespan while cutting down on energy loss during transmission. Maximum values of straight and intended confidence are used in the initial step of k-means clustering and CH assortment; in the second stage, a threshold value of 0.4J is used to identify intruded nodes. In a network, nodes with trust scores over a certain threshold are regarded as trustworthy, whereas nodes below that level are flagged as potentially malicious.
The plan focuses on securing data transfer from origin to destination while protecting the compromised node. Following this, the BFOA is used to choose the best possible paths by considering the desired feature and the path's capacity, throughput, and communication. The safe optimization routing technique for MANETs is shown in Figure 1. The KBFOA is utilized to fine-tune the optimum hops, resulting in a globally best resolution with faster conjunction times. Here, QoS is a major concern with mixed results, and it is largely because of the fluidity of node connections. Such implies mobility, but achieving optimal QoS under fluctuating circumstances is challenging. For instance, data routing consumes more power than it should. When the target is distant from the generator, a lot of power is needed to reach it. An origin node commonly decides whether to use a singular hop or several hops when routing data. The notion of several hops is an improvement over the single-hop approach.  Figure 2 shows the MANET model with the foundation hops, the terminus hops, the neighbor hops, and the malicious node to help with understanding the scenarios for the needs of the secure intrusion detection system. The KBFOA must take into account the route computation and safeguard the nodes. The KBFOA technique is designed to pinpoint the most efficient method of sinking nodes as one travels through a network. The nodes should be placed to use the least amount of energy possible in the network to go from one place to another. The protocol will provide redundancy in the form of numerous paths; if one of them fails for whatever reason, the data will still be sent to its destination inside the network but through a different one. For MANETs to function, an KBFOA has to be set up so that malicious nodes may be identified and blocked from propagating across the network during data transmission. If a malicious node is not discovered at the outset of the network, it will cause packet loss throughout the network, as shown in Figure 2. Both detection and prevention are crucial to IDS. The packets in the detection system examine the infrastructure, such as the timing of packet arrival, the number of packets in a flow, the total amount of packets, and the average packet size. The uncertainty of these valves is determined by establishing threshold valves, and decisions are made by classifying assaults on the network. The intrusion prevention engine will sound an alert if an assault is detected. To counteract potential threats posed by the network's malicious nodes, S-IDSs for MANETs need the following components: i. S-IDS can cause no new MANET attacks. ii.
The system's nodes must be able to share data openly with their network peers.
iii. For S-IDS to be effective, it must be able to detect assaults quickly while using as few resources as possible and then quickly relay that information to its partner nodes. iv.
S-IDS has to be robust and able to recover from errors.

Management of Trust to Find CH
It is used in a MANET to assess the reliability of data and nodes, find security breaches, and provide protection services. The CH for each cluster is then determined by averaging the nodes' reliability scores. In addition, cluster attacks or incursions are evaluated based on the entire value of trust invested. Each node's total trustworthiness is calculated by adding up the trustworthiness of its direct and indirect connections. If the packet is successfully directed from the foundation hop to the neighbor hop, then the trustworthiness of the neighbor node increases. If the node discards the packet, it loses credibility and is seen as potentially malicious. After that, the first node decides which node should be trusted after it. A node's trustworthiness is determined both by its interactions with other nodes (straightforward trust) and by the opinions of those nodes' neighbors (unintended trust). Every once in a while, the nodes will talk shop about their nearest neighbors. Let's say the node wants to transmit a packet to node . In that case, node 's direct trust parameter, ℎ , would look like this: , depicts the number of packets transmitted by node in an acceptable way at time , whereas , Depicts the number of packets successfully established by node from node m at time . At a given moment in time , Tindirect represents the level of implied trust that node 's neighbors have in node . These are neighbors of both node and node . The formula for is: where is the node and is the number of its neighbors.
At a given instant in time , equals the mean of the neighbors' trust levels. Indirect trust is determined mostly by how trustworthy one's immediate neighbors are. There are several benefits to using indirect recommendations to gauge each node's trustworthiness. First, a node may identify and quarantine bad actors, preventing them from sending or receiving packets. Second, selecting neighbors with a greater trust degree to relay packets encourages cooperation.
The trust sum, denoted by , is a continuous variable between 0 and 1, and it never goes beyond or below 1. Trust level 0 represents an extreme lack of trust, whereas level 1 is an extreme example of trust.
is defined as a weighted average of the following two quantities: ℎ and 's respective weighting factors are 1 and 2 .

Formation of Clusters
Clustering uses a distance parameter to categorize the moving nodes into groups. When two nodes have an X-coordinate and a Ycoordinate, it is possible to determine their distance from one another. The distance between a node and its neighbors is determined by comparing its X and Y coordinate values. Clusters are generated by grouping nodes with the smallest distance difference together. Partitioning clustering and hierarchical clustering are the two most common types of clustering. Nodes are partitioned into groups using the K-means technique for clustering.

K-means Algorithm
Route quantization by means of the K-means algorithm is a common machine learning method. Splitting n observations into K clusters, where each sample is linked to the cluster and acts as the closest mean cluster prototype, is the basic purpose of K-means clustering. The number of clusters, denoted by K, and the average value of the parameters, denoted by the mean, are discussed.
At first, it is expected that there would be K cluster centroids, where K is the target number of clusters. If K is set to 3, for instance, the centroid will be chosen randomly from amongst a set of K nodes. This equation is used to determine the centroid location in n dimensions: ( 1 , 2 , . . , ) = ( The node's distance to its neighbors and other nodes is determined using their respective centroids, such as geographical hubs being used as the starting point for the centroids. The following formula is used to determine the Euclidean distance between two points. Those nodes with the smallest distance differences are grouped. The accumulated distances are then averaged. A comparison of mean distances is achieved by subtracting the two values. Clusters are produced again, and this process continues until widespread clusters emerge. When everything is said and done, will construct exactly as many clusters (or groups) as are required.
Algorithm 1: Cluster formation in BFOA Step 1: At the beginning, equals the desired cluster size (the number of centers).
Step 2: Next, choose initial centroids that make the most sense for the region.
Step 3: The next step is to use these centers to get the -the distance between each pair of nodes.
Step 4: Evaluate how far is from each of the centers.
Step 5: There is a clustering of nodes according to their proximity to the centroid, with ranging from 1 to .
Step 6: find the new centers of the clusters.
Step 7: Return to step 3 until there is a change in cluster membership.

Choosing The Leading Cluster Nodes
The cluster leader should then be chosen. The cluster leader in a cluster-based design may be chosen depending on how well each node performs in terms of battery life, portability, network connection, etc. The impact of several aspects of performance may be combined to significantly boost performance. Weight-based clustering takes into account a wide range of factors, such as the speed of nodes, the degree of connections between them, and the residual energy, to establish the overall structure of the cluster. This method chooses the best regional cluster head without favoring mobile nodes with unusual characteristics like the lowest ID or the greatest degree. This clustering technique's versatility lies in its ability to easily modify the relative importance given to each parameter, making it useful in a wide range of contexts. For instance, the greater energy capacity weighting factor might be chosen in systems where battery energy plays a substantial role. When creating our multi-criteria formula, we examine the following four input parameters.
Energy (E): Ad hoc networks based on clusters place additional responsibility for packet routing on the shoulders of cluster coordinators (cluster heads). After a cluster has formed, battery drain becomes a serious problem. The cluster head's battery life is less than that of regular nodes since it must handle more work for the cluster. The length of time someone serves as a cluster head may be used as a direct proxy for Energy Drainage ( ).

Motion (M)
This variable represents the total number of mobile nodes that change position and/or heading during a certain time interval. In a network, reduced mobility at the node level leads to fewer reaffiliations and more stability. How far a node moves in a given amount of time is a measure of its mobility. The mobility of a node may be determined, for instance, if its location is known at times 1and 2 to be ( 1, 2) and ( 1, 2) = 1 ( 2− 1) * √[( 2 − 1) 2 − ( 2 − 1) 2 ] (8)

Position of the Node's Degree ( )
A node's degree, shown by the notation ( ), is the number of other nodes within some maximum distance from it, say, 200 meters.

Dropped Packets ( )
Congestion, data transmission problems, timeouts, and other factors may all lead to packets being dropped from the network as they travel from one node to another.
It is possible to determine the packet loss rate by using the formula: The relative importance of the four parameters to the model as a whole is reflected in their respective weights. The significance of a parameter may be adjusted by adjusting the value of the corresponding weights. If you add up all of these numbers, you should get 1. The cluster leader should be chosen using input parameters weighted to maximize the cluster's ultimate goal value. This set of inputs specifies a preference for maximum Energy and Node Degree and minimum Mobility and Packet Drop.

Value of a Weighted Node
Consider a node , and for the sake of argument, let its Energy, Node Degree, Mobility, and Packet Drop values be , , , Respectively. Using the following formula, we can get the weight node value for each node based on the values of these parameters.
Algorithm 2: Leading cluster Selection in KBFOA 1. The k-means method is used to generate clusters from specified starting points.

2
In the first stage, all the nodes are in a state of " . " 502 3 Figure out how each node in the cluster stacks up in terms of energy, degree, mobility, and packet loss.

4
Determine the value of each node based on its weight.

5
Distribute cluster to immediate neighbors 6 Perform the necessary steps to process the broadcast from nearby nodes, such as node . 7 Weight at node is noted as on node .
Node may designate itself as the cluster's leader by setting its state to " ." Share the " ℎ " data with all the local nodes.
10 Node agrees to " ℎ " and becomes a member of the cluster.
The " ℎ" response from node o .

Else 12
If node is not a , the cluster must wait for the node with the most weight in the cluster to " ℎ ."

13
To go to Step 4, if there is a node with a " " state, click here.

Evaluation of Different Intruder-Detection Thresholds:
A sink node may determine whether or not a network is under attack by analyzing the trustworthiness of the data given to it through the CHs from other nodes. Once an intruder node is detected, it is prevented from interacting with other nodes. If the sink node employs a threshold value, it may prepare for potential intruders (0.4Jule). The primary objective of intrusion detection is to provide a protected system connection while minimizing resource use and data latency.

Proposed Optimization Algorithm (KBFOA)
The suggested BFOA approach finds the best possible next hops in a MANET's forward routing. Safe optimization is discussed, whereby the objective function is employed to determine the best nodes for effective routing.

Encoding at a Specific Resolution
The demand for DRE is the solution to this optimization procedure, and the optimal routes for MANETs are just the paths that have been chosen. The CH in equation (8) has been chosen to optimize directing after the structure for the least data loss during transmission. When possible, choosing a path with little energy loss is preferable since this minimizes the time it takes to complete a route.

The Formula for the Existing Power
The viability of a route depends on many characteristics, including the quantity of power still available in the hops, the track's output, and accessibility. Since the fitness function is a maximization function, the performance is maximized.
Power , output , and capacity may all be determined at various nodes along the path (route connection ). Using the following formulae, one may calculate the amount of energy still stored in the node.
, are the amount of energy not used during the sending and getting of a distinct byte of information.

Expert Bacteria for Ageing Optimization System
A relatively new contribution to bio-inspired algorithms, the Bacterial Foraging Optimization Algorithm has applications in the fields of Bacterial Optimization Algorithms, Swarm Optimization, and Artificial Logic and Metaheuristics at large. Numerous fields have used it, including research into color image quantization, facial identification, and advanced engineering problems. Compared to other bioinspired and conventional methods, BFOA produces better results when applied to these challenges. It is a developed method faster than previous methods and can tackle challenging simultaneous equations.
BFOA is a cutting-edge method that has just recently been used in biological research. A bacteria may use chemotaxis to move from one location to another while it searches for food. The primary idea behind BFOA is to model the chemo-tactical behavior of hypothetical bacteria as they navigate the problem space in pursuit of a solution, with bacteria usually exchanging information through signals. It is a technique for optimization techniques that may be used for many different optimization algorithms.

Path Planning Stage
The primary objective of the BFOA is to initiate a chemo-tactical shift in the search for virtual pathogens. The stages of the BFOA are as follows:

Chemotaxis
Bacteria employ a process called chemotaxis, which involves a series of extremely minute motions to navigate to the source of food. The animal moves with the help of flagella. It can flip or spin a definite distance in a predetermined direction. The situation is something that happens throughout a person's whole life.

Swarming
It is produced by E. coli cells when they move through a nutrient chemo-effector matrix and along a nutrient supplement gradient. The cells inside the body generate a magnet using concentrated succinate.

Genetic Recombination
Successful bacteria may pass on their genes to the next generation, whereas unsuccessful bacteria may not survive to do so. Beneficial bacteria may divide in half if they need to maintain a constant swarm size.

Destruction
When bacteria are killed or moved to a new location, it causes a shift in the surrounding air. In BFOA, this is simulated by eliminating the old and new random germ pools.

2:
The bacterial indices ( ) is now at a value of 0.
4: Establishing = + as the first value of the . 5: Establishing = + 1 as the first value of the ℎ .
For = 1,2, … , chemotactic maneuver S take for bacteria I is as follows.
Move: Let be the bacterium's health (a reflection of its ability to thrive in its environment and resist harmful toxins). In order of increasing health risk, rank bacteria and chemotactic characteristics ( ) (higher cost means lower health).
If the bacteria's ℎ ℎ value is too high, they will die, and the best bacteria will continue to reproduce (this process is performed by the copies that are made are placed at the same location as their parent).

9: verify <
. if this is the case, go to step 4 10: elimination dispersal: For = 1,2, … , with probability , eliminate and disperse every bacteria. This may be accomplished by randomly dispersing new bacteria around the optimization zone whenever one is destroyed. It's time to go on to Step 2 if, < the process is finished. Define clustering performance 10 Process-1: Run the formulation's energy consumption modeling module.
13 Process-4: Run the formulation's data transfer rate modeling module.

17
Use the multi-hop paradigm to set up the most efficient path between the sender and the recipient.

19
End procedure The computing stages and flow of the preceding Algorithm. 3 to access the performance of a hop-by-hop transmission scheme using a numerical simulation are shown clearly. Energy-efficient MANET node operations are used, together with discrete-time stochastic processes and duty-cycle states.

Result
Along with KDD-99, the Fifth International Conference on Knowledge Discovery and Data Mining (FCKDM), this data collection was utilized for the Third International Knowledge Discovery and Data Mining Tools Competition (TIKDDMTC). The rivalry's objective is to develop an disturbance detector for a network, a prediction model that could identify malicious connections (intrusions or assaults) from healthy ones. Data from various simulated intrusions in a military network setting are included in this auditable database.

Reliability of Clustering Rate
The amount of overlaps an algorithm generates for a certain amount of hops in the system is a good proxy for how well the algorithm does at clustering. It has been measured as follows: = Multiple methods' clustering accuracy are compared, and the results are laid up in figure 6. However, the clustering accuracy of the suggested KBFOA is better than that of competing approaches. Compared to DCAIDS, AODV-MQS, GAHC, and ZHLS, the clustering accuracy produced by the proposed KBFOA algorithm are higher at 97% when there are 100 nodes in the network, respectively.
In Figure 6, shows the result of examining the network's ability to cluster nodes as a function of changing the nodes in the network. Compared to the DCAIDS, AODV-MQS, GAHC, and ZHLS algorithms, the new KBFOA method improved performance. Compared to DCAIDS, AODV-MQS, GAHC, and ZHLS, the DCAIDS method's clustering accuracy is poor (below 75%) for all node situations (100). The Mean Squared Error (MSE), average purity, and execution time for 100-cluster algorithms. In this graph, a standard deviation of 0.1 represents a negligibly tiny value (0.002). As the KBFOA algorithm optimizes a separate goal, it does not display the MSE results. Here, the graph will show about the accuracy at a single threshold from the ranked list of clusters. Assuming we have some idea from heuristics of what proportion of attacks to expect, we can partition the sorted cluster list in a way that produces that number. To represent the expected distribution of the training data, graph classify the clusters as either normal or invasive, with the number of data instances in attack clusters making up around 21% of the entire population. For each experiment, we do it 15 times and graph the average and standard deviation of the overall accuracy, the false positive rate, and the assault detection rate.

Functioning of Security Measures Rate
The method's security effectiveness is determined by the proportion of successfully mitigated threats relative to the total number of threats created. This measure has been quantified as follows: Security performance of several technique has been compared and all indicates that the KBFOA algorithm has the best overall security performance. The suggested KBFOA algorithm outperformed the DCAIDS, AODV-MQS, GAHC, and ZHLS algorithms regarding security performance for test cases involving 100 nodes, respectively. In Figure 7, we see how different algorithms fare when adding a layer of protection. Compared to other possible methods, the KBFOA algorithm provides the highest level of security.
Other systems, such as DCAIDS, AODV-MQS, GAHC, and ZHLS, have a worse security level due to a greater number of hostile nodes and the lack of a dependable security mechanism. Predictions of attacks close to the threshold value are made by thresholdbased intrusion detection systems. F-measure, categorization rate, recall, and similar measures are all included. When ranking methods of attack detection, metrics including false positive and false negative rates, detection rates, and accuracy are taken into account. The likelihood of an assault being detected is proportional to Probability-based methods, including mean square error, root mean square error, and so on, are used to detect false-negative situations. To successfully identify an assault, the threshold must be set at True Positive (TP). When neither an attack nor its detection has been made, we say that the situation is "true negative" (TN). A false positive (FP) occurs when an alert is generated but no actual attack has occurred. False Negative (FN) refers to the rate at which an intrusion is not correctly identified, whereas False Positive (FP) refers to the accurate tagging of an authorized user. The MANET and IDS ideas of clustering and dependable topology are used to examine and experiment with the proposed KBFOA algorithm. The study is performed using a variety of assessment criteria from various levels of abstraction. One statistic used in machine learning is the True Positive Rate (TPR), which is the ratio of True Positives to True Positives plus False Negatives. The ratio of FN and the sum of FN and TP is the False Negative Rate.

Rate of Data Transfer
Throughput is the rate at which data is sent, expressed in the number of packets or bytes transferred in a given amount of time. The rate of data transfer has been quantified as follows: = (14) Figure 8 compares the throughput ratios of different approaches and indicates that the KBFOA algorithm improves throughput performance. Compared to DCAIDS, AODV-MQS, GAHC, and ZHLS, the suggested KBFOA algorithm has shown throughput improvements of 96% under 100 nodes under simulated settings. Measurements of throughput performance for various new methods are shown in Figure 8. The RRCST algorithm has shown better throughput results than any other approaches tried so far. The Packet Reception Rate (PRR) and Packet Forwarding Rate (PFR) threshold values of the lightweight module are assumed to be 0.4 and 0.5, respectively, for the purpose of assessing the proposed KBFOA. Using the aforementioned (PRR) and (PFR) threshold values, it was determined that the lightweight module had a 95% detection rate and a 0.65% false positive rate against a wide variety of attacks, including denial-of-service, packet dropping, packet distortion, route compromise, black-hole, and others.

Efficient Detection of Malicious Nodes Ratio
How well a technique identifies harmful nodes in a network may be judged by comparing the overall amount of malicious hops in the system to the amount of successfully detected nodes. This detection of malicious nodes rate has been quantified as follows:

=
(15) Figure 9 shows the results of many tests comparing different methods for identifying malicious nodes in a network. When compared to existing approaches, the suggested KBFOA algorithm achieves a greater ratio of malicious node detection strength. When compared to DCAIDS, AODV-MQS, GAHC, and ZHLS, the suggested KBFOA algorithm has generated malicious node detection performance of 95%, under 100 nodes, and, respectively, under simulated settings. Figure 9 contains an analysis and a visualization of the effectiveness of identifying malicious nodes. The KBFOA algorithm was superior at identifying malicious nodes compared to other methods. Without a reliable, safe routing protocol plan, methods like GCEEC and ABCP have difficulty identifying rogue nodes. Graph 9 displays the ratio of healthy nodes still active after 1200 s to malicious nodes still active in a cluster of 100 nodes. To prevent being chosen as a leader node, a malevolent node will inflate its cost analysis value. From the graph, it is clear that the proportion of healthy nodes in a network declines as the proportion of malicious nodes rises. This demonstrates that as the number of selfish nodes in a cluster increases, the normal nodes carry out less intrusion detection services and die off more quickly.

Impact on Energy Use Rate
Node performance in energy consumption is measured by the amount of transmissions it does and the entire amount of joules it expands. This energy use rate has been quantified as follows: As seen in figure 10, different methods incur additional energy costs when dealing with different numbers of nodes. In all scenarios we investigated, the suggested KBFOA algorithm used the least energy possible given the number of transmissions. Compared to 509 existing DCAIDS, AODV-MQS, GAHC, and ZHLS algorithms, the suggested KBFOA method utilized 0.09 m joule, less energy in the 100 nodes, and simulation circumstances, respectively. The method's low energy consumption for data transmission is shown in Figure 10. Study findings indicated that the suggested KBFOA algorithm used less power than competing methods. In figure 10, we see how different combinations of factors affect the effectiveness of different methods. The suggested KBFOA method performs better across the board than other algorithms. The AODV-MQS method, which locates the least risky path for data transmission in the absence of hostile nodes, is largely responsible for the suggested method's greater efficiency across various parameters. The suggested model to investigate the influence of our scheme (leader IDS election) on the average life duration of nodes. The initial energy levels for each node in the cluster range from 4 to 60 Joules. It is expected that the leader IDS will use 4 Joules of energy during the course of the chosen time period (10 s). The energy needed by nodes for their usual operations and transmissions has been disregarded to simplify the study. The below graph do an analysis of the suggested model in a cluster of 15 nodes, where 30%, or 4 nodes, are malevolent. Using the K means algorithm for leader election model and the random leader election model (Figure 10), The proposed research can show the energy levels of various nodes vary. Over time, some of the nodes in the random model die off, while the energy levels of the remaining nodes stay about the same or decline slightly. Nevertheless, the most cost-effective node (high-energy level node) is always elected as cluster leader in the K means algorithm mechanism based leader election model, ensuring that all nodes have an equal amount of energy. When compared to a random model that does not use a leader election method, the suggested approach extends the average lifespan of the cluster node by 40%.

Conclusion
This work presents the design and implementation of a KBFOA based system for detecting intrusion. The problem of energy consumption and inter-hop delays in communication are both addressed by the secure optimization routing method. An effective routing strategy was developed using the KBFOA. Initially, the K means clustering method is used to determine which CHs have the highest straight and intend trust levels. Phase two involves calculating the most trusted community hubs based on direct, indirect, and recent trust. The threshold rate is employed to determine whether or not an intruded node has been detected. Data packets are sent to the drain through the CHs and travel a complex path that involves several intermediate nodes. BFOA is used to choose the most promising candidate for advanced routing in MANET. Multi-constraint trust weight measurements throughout the path reveal the infected node. The proposed method optimizes space, throughput, and path connections and has a quicker convergence rate. The proposed approach has achieved reliability of clustering rate of 97%, a maximum security measures rate achieved of 96%, a maximum rate of data transfer achieved of 96%, higher efficient detection of malicious nodes ratio improved by 95%, a lower energy use rate of 0.09 m joule. The future direction of the integrated BFOA and ANT clustering algorithm for detecting black holes in the MANET network.