Abstract
In order to adapt to the rapid development of network technology and network security detection in different scenarios, the generalization ability of the classifier needs to be further improved and has the ability to detect unknown attacks. However, the generalization ability of a single classifier is limited to dealing with class imbalance, and the previous ensemble methods inevitably increase the training cost. Therefore, in this paper, a novel network intrusion detection algorithm combined with group convolution is proposed to improve the generalization performance of the model. The basic classifier uses group convolution with symmetric structure instead of ordinary convolution neural network, which is trained by the cyclic cosine annealing learning rate. Through snapshot ensemble, the generalization ability of the integration model is improved without increasing the training cost. The effectiveness of this method is proved on NSL-KDD and UNSW-NB15 datasets compared to six other ensemble methods, the classification accuracy can achieve 85.82% and 80.38%, respectively.
Highlights
In recent years, with the rapid development of science and technology, communication, big data, cloud computing and other devices, network technology provides convenience in people’s livelihood, economy, politics and many other aspects of popularization
In order to adapt to the rapid development of network technology and network security detection in different scenarios, the generalization ability of the classifier needs to be further improved, in detecting unknown attacks
In the comparative experiments of this paper, the four classic models of the decision tree, Naive Bayesian (NB) and convolutional neural networks (CNN) are used as base classifiers, and they are integrated through the two commonly used ensemble methods of Bagging and Boosting, and a total of six methods are set
Summary
With the rapid development of science and technology, communication, big data, cloud computing and other devices, network technology provides convenience in people’s livelihood, economy, politics and many other aspects of popularization. Intrusion detection system (IDS) is a network in a security management system used to detect network intrusions. In order to adapt to the rapid development of network technology and network security detection in different scenarios, the generalization ability of the classifier needs to be further improved, in detecting unknown attacks. The generalization ability of a single classifier is limited, and the previous ensemble methods have inevitably increased the training cost. We will explore a snapshot ensemble method to improve the generalization performance of the model without increasing the training costs. The generalization ability of the ensemble model was improved without increased training costs. The effectiveness of this method has been proved by several experiments.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
