关键词: 入侵检测, 异质集成学习, 特征降维, 成对多样性度量

Abstract: Intrusion detection is a challenging and important task in the field of network security. A single classifier may bring classification bias, and using ensemble learning has stronger generalization ability and higher accuracy compared to a single classifier. Although such algorithms have good classification performance, adjusting the weights between the base classifiers requires a lot of time. To address this issue, an feature dimension reduction heterogenous integration intrusion detection model based on Bagging-based feature dimension reduction and Bagging heterogeneous integration-based intrusion detection classification algorithm (Double-Bagging) is proposed. The algorithm integrates five feature selection algorithms and adopts a Bagging voting mechanism to select the optimal feature subset, in order to achieve efficient and accurate feature dimensionality reduction. At the same time, the pairwise diversity measure in ensemble learning is introduced to choose the optimal heterogeneous ensemble set for different base classifier combinations. For the weighting function, accuracy and AOC value are used as weights to integrate classifiers. The experiment shows that the models accuracy is up to 99.94%, and the system error rate and positive judgment rate are up to 0.03% and 99.55%, which is superior to the existing mainstream intrusion detection algorithms.

Key words: intrusion detection, heterogeneous integrated learning, feature dimension reduction, measure of paired diversity