| In the real network environment,network data is dynamically input,and network behavior characteristics show significant changes over time,resulting in a decrease in the detection performance of static models.Moreover,with the passage of time,the input of network data makes the amount of accumulated data to continue to increase,resulting in a large consumption of storage space and reducing computing efficiency.In order to solve the above problems,this paper proposes a dynamic ensemble incremental learning method,which combines the ideas of ensemble learning and incremental learning.The research of this paper mainly includes two contents: First,an incremental strategy for dynamically updating the detection model is designed,using the high-sparse Relevance Vector Machine(RVM)as the base classifier of the Bagging ensemble method.With the input of new network data,the base RVM members in the RVM ensemble model and the voting weight of each base RVM model are constantly updated,at the same time,a classification performance index is designed as the basis for updating the RVM base members to improve the accuracy of intrusion detection.Finally,multiple RVM weighted votes using the proposed probabilistic ensemble decision function to obtain the ensemble classification results of the new network data to achieve ensemble incremental intrusion detection.Second,to further promote the intrusion detection effect,the whale optimization algorithm(WOA)is adopted to optimize the hybrid kernel RVM.The method in this paper is tested on KDDCUP99,NSL-KDD,and CICIDS2017 data set.Test results indicate that the detection performance of the method proposed in this paper will not obviously decay with the input of new data,and has a high detection speed.In addition,the proposed method improves the adaptability of the detection model and the long-period detection accuracy. |
PDF Full Text Request