Abstract
Ensemble classifier can not only improve the accuracy of learning system but also significantly improve its generalization ability by utilizing different deviations of each classifier. Although different classifier ensemble methods are proposed in intrusion field, they are more or less defective and still need further improvement. Aiming at realizing a strong generalization intrusion detection model with high detection rate (DR) and low false positive rate (FPR), a two-layer intrusion detection model based on ensemble classifier (TLMCE) is proposed in this paper. R2L and U2R are classified using JRip classifier in the first layer, and the ensemble classifier is used to classify Normal, DoS, and Probe in the second layer. The stacking optimization strategy is applied to the ensemble classifier using J48, JRip, RandomForest (RF), BayesNet, and SimpleCart as the base classifier. In addition, a modified sequential forward selection method is proposed to select appropriate feature subsets for TLMCE. The experimental results on the NSL-KDD dataset demonstrate that the TLMCE has better performance than some existing ensemble models. It achieved an overall accuracy rate of \(89.1\%\) and a FPR of \(3.1\%\).
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
