A Bagging Strategy-Based Kernel Extreme Learning Machine for Complex Network Intrusion Detection

Network intrusion can enter the network through informal channels. Some illegal users utilize Trojans and self-programmed attack to change the network security system, so that the system loses the defense and alarm function and the Hacker can steal the internal information. Network intrusion seriously harms the security of network information and the legitimate rights of users. Therefore, a bagging strategy-based kernel extreme learning machine for complex network intrusion detection is presented in this paper. This method adopts a bagging strategy to train several sub-kernel extreme learning machines independently. Then the integrated gain of above machines is measured based on the margin distance minimization (MDM) criterion. Selected machines with high gain degree are selected for selective integration to obtain selective integrated learners with strong generalization ability and high efficiency. Then an improved universal gravitation search algorithm is used to optimize the kernel parameters. Meanwhile, a sub-kernel extreme learning machine online update strategy based on incremental learning of batch samples is introduced to realize the online update of intrusion detection model, so that the proposed detection method can effectively be adapted to the changes of complex network environment. Finally, experiments illustrate that the proposed method has better effect on network intrusion detection in terms of detection accuracy and speed, especially for unknown network intrusion connection events, the response speed is fast, the false alarm rate is low.