Abstract
This paper presents an adaptive network intrusion detection (ANID) method based on the selective ensemble of kernel extreme learning machines (KELMs) with random features (termed ANID-SEoKELM), aiming at identifying various unauthorized uses, misuses and abuses of computer systems in real time. To generate a lightweight intrusion detector, multiple KELMs are learned independently based on the Bagging strategy with sparse random feature representation (SRFR), to reduce noise and redundant or irrelevant information in network connection instances and ensure the diversity of base learners for the effective ensemble of base learners. A marginal distance minimization (MDM)-based selective ensemble (MDMbSE) method is introduced to generate the ultimate intrusion detector. To ensure the adaptability of the intrusion detector, an incremental learning-based detection-model updating procedure is also derived. Extensive validation and comparative experiments on the benchmark KDD99 dataset and a hybrid heterogeneous network simulation platform mixed with wireless networks and Ethernet networks demonstrate that the ANID-SEoKELM is able to adapt to the dynamically changing network environments hence it can achieve higher detection accuracies stably and efficiently than classic single learner-based intrusion detection methods and representative ensemble-based intrusion detection methods.
Published Version
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
