【摘要】 作为机器学习领域的一个重点研究方向,集成学习相比于单分类器有着更高的检测精度,被广泛应用于异常入侵检测.但是,现有基于集成学习的入侵检测算法在对原问题进行划分过程中会存在一定的边缘信息与整体信息的丢失,且最终的模型融合也是一个耗时、复杂的调整参数过程.基于此,提出一种改进的基于集成学习的入侵检测算法,将原问题转化成多个二分类问题,并把多个分类器的概率预测结果作为先验知识加入到原本的特征中,再进行多分类模型的学习;借助于Facebook提出的梯度提升决策树(GBDT)和逻辑回归(LR)的融合模型对其中的二分类问题进行学习.通过在KDD CUP’99数据集的实验与分析,验证了所提算法的有效性.更多还原

【Abstract】 As a key research direction in the field of machine learning,ensemble learning is widely used in anomaly intrusion detection,and it can reach a higher detection precision than the single classifier.However,existing ensemble-based intrusion detection algorithms have some shortcomings,such as,the loss of edge information as well as the loss of whole information during the process of dividing original problem,time-consuming and complexity of the model fusion.So,this paper proposed a novel ensemblebased algorithm for intrusion detection.Firstly,the original problem is divided into a number of two classification problems,and the predicted probabilities are added into original features.Then the multi-class model is trained as the final result.In addition,we adopted GBDT(Gradient Boosting Decision Tree)+ LR(Logistic Regression),proposed by Facebook,to implement the binary classification.Experiments and analysis on KDD CUP’99 dataset verify the effectiveness of our proposed framework.更多还原