sis 18: e16

Research Article

A Bagging Strategy-Based Kernel Extreme Learning Machine for Complex Network Intrusion Detection

Download31 downloads
  • @ARTICLE{10.4108/eai.6-10-2021.171247,
        author={Shoulin Yin and Hang Li and Asif Ali Laghari and Shahid Karim and Awais Khan Jumani},
        title={A Bagging Strategy-Based Kernel Extreme Learning  Machine for Complex Network Intrusion Detection},
        journal={EAI Endorsed Transactions on Scalable Information Systems: Online First},
        volume={},
        number={},
        publisher={EAI},
        journal_a={SIS},
        year={2021},
        month={10},
        keywords={network intrusion detection, bagging strategy, kernel extreme learning machine, margin distance minimization, online update strategy},
        doi={10.4108/eai.6-10-2021.171247}
    }
    
  • Shoulin Yin
    Hang Li
    Asif Ali Laghari
    Shahid Karim
    Awais Khan Jumani
    Year: 2021
    A Bagging Strategy-Based Kernel Extreme Learning Machine for Complex Network Intrusion Detection
    SIS
    EAI
    DOI: 10.4108/eai.6-10-2021.171247
Shoulin Yin1, Hang Li1,*, Asif Ali Laghari2, Shahid Karim3, Awais Khan Jumani3
  • 1: Software College, Shenyang Normal University, Shenyang 110034 China
  • 2: Department of Computer Science, Sindh Madressatul Islam University, Karachi, Pakistan
  • 3: Department of Computer Science, ILMA University, Karachi, Pakistan
*Contact email: lihangsoft@163.com

Abstract

Network intrusion can enter the network through informal channels. Some illegal users utilize Trojans and self-programmed attack to change the network security system, so that the system loses the defense and alarm function and the Hacker can steal the internal information. Network intrusion seriously harms the security of network information and the legitimate rights of users. Therefore, a bagging strategy-based kernel extreme learning machine for complex network intrusion detection is presented in this paper. This method adopts a bagging strategy to train several sub-kernel extreme learning machines independently. Then the integrated gain of above machines is measured based on the margin distance minimization (MDM) criterion. Selected machines with high gain degree are selected for selective integration to obtain selective integrated learners with strong generalization ability and high efficiency. Then an improved universal gravitation search algorithm is used to optimize the kernel parameters. Meanwhile, a sub-kernel extreme learning machine online update strategy based on incremental learning of batch samples is introduced to realize the online update of intrusion detection model, so that the proposed detection method can effectively be adapted to the changes of complex network environment. Finally, experiments illustrate that the proposed method has better effect on network intrusion detection in terms of detection accuracy and speed, especially for unknown network intrusion connection events, the response speed is fast, the false alarm rate is low.