• Journal (Chinese Edition) •

### An Intrusion Detection Algorithm Based on Ensemble Learning

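1. School of Cyber Security, Shanghai Jiao Tong University, Shanghai 200240; 2. School of Electronic Information and Electrical Engineering, Shanghai Jiao Tong University, Shanghai 200240; 3. State Grid Jiangsu Electric Power Co., Ltd., Nanjing 210024
• Corresponding author: QI Kaiyue, male, lecturer, E-mail: tommy-qi@sjtu.edu.cn.
• About the author: HUANG Jinchao (1992-), female, from Baoding, Hebei Province, Ph.D. candidate, mainly engaged in big data research.
• Funding:
Science and Technology Project of State Grid Corporation of China (SGCC) (SGRIXTKJ［2017］133)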

### An Ensemble-Based Intrusion Detection Algorithm

HUANG Jinchao, MA Yinghua, QI Kaiyue, LI Yichen, XIA Yuanyi

1. School of Cyber Security, Shanghai Jiao Tong University, Shanghai 200240, China; 2. School of Electronic Information and Electrical Engineering, Shanghai Jiao Tong University, Shanghai 200240, China; 3. State Grid Jiangsu Electric Power Co., Ltd., Nanjing 210024, China

Abstract: As a key research direction in machine learning, ensemble learning is widely used in anomaly intrusion detection, where it can reach higher detection precision than a single classifier. However, existing ensemble-based intrusion detection algorithms have shortcomings, such as the loss of edge information and of whole information when the original problem is divided, and time-consuming, complex model fusion. This paper therefore proposes a novel ensemble-based algorithm for intrusion detection. First, the original problem is divided into a number of binary classification problems, and the predicted probabilities are added to the original features. Then a multi-class model is trained to produce the final result. In addition, we adopt GBDT (Gradient Boosting Decision Tree) + LR (Logistic Regression), proposed by Facebook, to implement the binary classification. Experiments and analysis on the KDD CUP’99 dataset verify the effectiveness of the proposed framework.
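
The two-stage framework in the abstract, sketched with scikit-learn as an added example (not the authors' code): per-class binary GBDT+LR models produce probabilities that are appended to the original features before a multi-class model is trained. Assumptions not stated in the abstract: the names `GbdtLr`, `fit_stage_one`, `augment` and `run_demo` are hypothetical, the training-row probabilities are generated out-of-fold to avoid label leakage, the final learner is a GBDT, and constructed synthetic data stands in for KDD CUP’99.

```python
import numpy as np
from sklearn.datasets import make_classification
from sklearn.ensemble import GradientBoostingClassifier
from sklearn.linear_model import LogisticRegression
from sklearn.model_selection import StratifiedKFold, train_test_split
from sklearn.preprocessing import OneHotEncoder

class GbdtLr:
    """Binary GBDT+LR: one-hot encode the leaf each tree assigns a sample to, then fit LR."""
    def fit(self, X, y):
        self.gbdt = GradientBoostingClassifier(n_estimators=20, max_depth=3, random_state=0).fit(X, y)
        self.enc = OneHotEncoder(handle_unknown="ignore")
        self.lr = LogisticRegression(max_iter=1000).fit(self.enc.fit_transform(self._leaves(X)), y)
        return self
    def _leaves(self, X):
        return self.gbdt.apply(X)[:, :, 0]   # (n_samples, n_trees) leaf indices
    def proba(self, X):
        return self.lr.predict_proba(self.enc.transform(self._leaves(X)))[:, 1]

def fit_stage_one(X, y, classes, folds=5):
    """Return per-class binary models plus out-of-fold probabilities for the training rows."""
    oof = np.zeros((len(X), len(classes)))
    skf = StratifiedKFold(n_splits=folds, shuffle=True, random_state=0)
    for tr, va in skf.split(X, y):
        for j, c in enumerate(classes):
            oof[va, j] = GbdtLr().fit(X[tr], (y[tr] == c).astype(int)).proba(X[va])
    models = [GbdtLr().fit(X, (y == c).astype(int)) for c in classes]
    return models, oof

def augment(models, X):
    """Append one 'class c vs. rest' probability column per binary model to X."""
    return np.hstack([X, np.column_stack([m.proba(X) for m in models])])

def run_demo():
    # Constructed synthetic data standing in for KDD CUP'99 records (3 classes, 12 features).
    X, y = make_classification(n_samples=600, n_features=12, n_informative=6,
                               n_classes=3, random_state=0)
    X_tr, X_te, y_tr, y_te = train_test_split(X, y, test_size=180, stratify=y, random_state=0)
    classes = np.unique(y_tr)
    models, oof = fit_stage_one(X_tr, y_tr, classes)
    # Assumed final multi-class learner; the abstract does not name one.
    final = GradientBoostingClassifier(n_estimators=50, random_state=0)
    final.fit(np.hstack([X_tr, oof]), y_tr)
    X_te_aug = augment(models, X_te)
    return X_te_aug.shape, final.score(X_te_aug, y_te)

if __name__ == "__main__":
    shape, acc = run_demo()
    print(f"augmented test matrix {shape}, multi-class accuracy {acc:.3f}")
```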