Journal of Jilin University(Engineering and Technology Edition) ›› 2025, Vol. 55 ›› Issue (4): 1396-1405.doi: 10.13229/j.cnki.jdxbgxb.20230751

Previous Articles     Next Articles

Intrusion detection method based on ensemble learning and feature selection by PSO-GA

Jun WANG(),Chang-fu SI,Kai-peng WANG,Qiang FU()   

  1. College of Computer Science and Technology,Shenyang University of Chemical Technology,Shenyang 110142,China
  • Received:2023-07-17 Online:2025-04-01 Published:2025-06-19
  • Contact: Qiang FU E-mail:wj_software@hotmail.com;qiang.fu@outlook.com

RICH HTML

 1   

PDF (PC)

80

Abstract:

In response to the security issues in industrial networks, a new intrusion detection method is proposed. The specific innovations of the method are divided into two aspects. First, in the process of processing, in order to solve the problem of high dimensionality of the original data, a particle swarm optimize genetic algorithm (PSO-GA) hybrid algorithm with dynamically adjusted parameters was proposed for feature extraction. It successfully screened out a subset of features that are meaningful to model training and accelerated training speed. Secondly, when building a machine learning model, theStacking integrated learning framework is used to generalize the output results of multiple models to improve the overall prediction accuracy. The experimental results on both two datasets show that the detection precision on the publicly available intrusion detection dataset CICDS-2017 has reached 95%, and it also has a 93% precision on a real industrial dataset developed by Lan Turnipseed from the gas pipeline control system.

Key words: computer application, industrial control system, intrusion detection, ensemble learning, feature selection

CLC Number: 

  • TP399

Table 1

CICIDS2017_sample dataset"

编号标签样本数量/个
1BENIGN22 767
2DoS19 035
3PortScan7 946
4BruteForce2 767
5WebAttack2 180
6Bot1 966

Table 2

Description of gas pipeline dataset"

标签缩写(编号)
NormalNormal(0)
Na?ve Malicious Response InjectionNMRI(1)
Complex Malicious Response InjectionCMRI(2)
Malicious State Command InjectionMSCI(3)
Malicious Parameter Command InjectionMPCI(4)
Malicious Function Code InjectionMFCI(5)
Denial of ServiceDOS(6)
ReconnaissanceRecon(7)

Fig.1

Labels for CICIDS-2017_sample"

Fig.2

Impact of tree depth on precision"

Fig.3

Cost decreases with number of iterations"

Fig.4

Accuracy corresponding to different feature subsets"

Fig.5

Stacking Ensemble"

Fig.6

Flow chart of proposed model"

Table 3

Confusion matrix for multi classification tasks"

类别1类别2类别n
类别1A11A12A1n
类别2A21A22A2n
????…
类别nA n1A n2A nn

Table 4

Comparison before and after ensemble and feature selection"

方 法精确度召回率F1分数CPU时间/s
决策树0.9250.9640.95122.8
随机森林0.8620.9960.9063 min 5
极端梯度提升0.9030.9970.9354 min 14
堆叠集成0.9360.9750.9123 min 25
堆叠集成加特征提取0.9510.9870.9531 min 30

Table 5

Comparison with other method"

来 源方 法精确度召回率F1分数类别数
本文

特征提取加

堆叠集成

0.9510.9870.9536
文献[24MLP0.8710.9950.8736
文献[25DeepGFL0.9484480.53112
文献[26MLP0.8840.8620.8722
文献[26LSTM0.9840.8980.8952

Fig.7

Confusion matrix of classification"

Table 6

Precision, recall, F1-score of every kind of data"

类别精确度召回率F1分数
00.980.990.98
10.720.830.77
20.850.770.81
30.960.960.96
40.970.940.96
50.991.001.00
60.960.950.95
70.990.980.98

Table 7

Average results of the whole dataset"

精确度召回率F1分数
宏平均0.930.930.93
加权平均0.970.970.97
1 Gaikwad D P, Thool R C.Intrusion detection system using bagging ensemble method of machine learning[C]∥International Conference on Computing Communication Control and Automation, Pune, India,2015: 291-295.
2 Shen Y, Zheng K, Wu C, et al. An ensemble method based on selection using bat algorithm for intrusion detection[J]. The Computer Journal, 2018, 61(4): 526-538.
3 Bhati B S, Chugh G, Al‐Turjman F, et al. An improved ensemble based intrusion detection technique using XGBoost[J]. Transactions on Emerging TeleCommunications Technologies, 2021, 32(6): No.e4076.
4 Mnih V, Heess N, Graves A, et al. Recurrent models of visual attention[J]. Advances in Neural Information Processing Systems, 2014, 27:1-12.
5 Ahmad I. Feature selection using particle swarm optimization in intrusion detection[J]. International Journal of Distributed Sensor Networks, 2015, 11(10):No. 806954.
6 Dickson A, Thomas C. Improved PSO for optimizing the performance of intrusion detection systems[J]. Journal of Intelligent & Fuzzy Systems, 2020, 38(5): 6537-6547.
7 Aziz M R, Alfoudi A S. Feature selection of the anomaly network intrusion detection based on restoration particle swarm optimization[J]. International Journal of Intelligent Engineering & Systems, 2022, 15(5):592-600.
8 Wei P, Li Y F, Zhang Z, et al. An optimization method for intrusion detection classification model based on deep belief network[J]. IEEE Access, 2019, 7: 87593-87605.
9 Panigrahi R, Borah S. A detailed analysis of CICIDS2017 dataset for designing intrusion detection systems[J]. International Journal of Engineering & Technology, 2018, 7(3): 479-482.
10 Goryunov M N, Matskevich A G, Rybolovlev D A. Synthesis of a machine learning model for detecting computer attacks based on the Cicids2017 dataset[J]. Proceedings of the Institute for System Programming of the RAS, 2020, 32(5): 81-94.
11 Stiawan D, Idris M Y B, Bamhdi A M, et al. CICIDS-2017 dataset feature analysis with information gain for anomaly detection[J]. IEEE Access, 2020, 8:132911-132921.
12 Salo F, Injadat M, Nassif A B, et al. Data mining techniques in intrusion detection systems: a systematic literature review[J]. IEEE Access, 2018, 6: 56046-56058.
13 Turnipseed I P. A new scada dataset for intrusion detection research[D]. Starkville:James Worth Bagley College of Engineering,Mississippi State University, 2015.
14 Rastogi A K, Narang N, Siddiqui Z A. Imbalanced big data classification: a distributed implementation of smote[C]∥Proceedings of the Workshop Program of the 19th International Conference on Distributed Computing and Networking, Varanasi, India,2018: 1-6.
15 Myles A J, Feudale R N, Liu Y, et al. An introduction to decision tree modeling[J]. Journal of Chemometrics: a Journal of the Chemometrics Society, 2004, 18(6): 275-285.
16 Biau G, Scornet E. A random forest guided tour[J]. Test, 2016, 25: 197-227.
17 Chen T, He T, Benesty M, et al. Xgboost: extreme gradient boosting(version 0.4-2)[DB/OL]. [2015-12-13]. .
18 温博文, 董文瀚, 解武杰, 等. 基于改进网格搜索算法的随机森林参数优化[J]. 计算机工程与应用, 2018, 54(10): 154-157.
Wen Bo-wen, Dong Wen-han, Xie Wu-jie, et al. Parameter optimization method for random forest based on improved grid search algorithm[J]. Computer Engineering and Applications,2018,54(10):154-157.
19 Pattawaro A, Polprasert C. Anomaly-based network intrusion detection system through feature selection and hybrid machine learning technique[C]∥The 16th International Conference on ICT and Knowledge Engineering(ICT&KE), Bangkok, Thailand, 2018: 1-6.
20 李红亚, 彭昱忠, 邓楚燕, 等. GA与PSO的混合研究综述[J]. 计算机工程与应用,2018, 54(2): 20-28.
Li Hong-ya, Peng Yu-zhong, Deng Chu-yan, et al. Review of hybrids of GA and PSO[J]. Computer Engineering and Applications, 2018, 54(2):20-28.
21 Mohammed M, Mwambi H, Omolo B, et al. Using stacking ensemble for microarray-based cancer classification[C]∥International Conference on Computer, Control, Electrical, and Electronics Engineering, Khartoum, Sudan, 2018: 1-8.
22 王辉, 李昌刚.Stacking集成学习方法在销售预测中的应用[J]. 计算机应用与软件, 2020, 37(8): 85-90.
Wang Hui, Li Chang-gang. Application of Stacking integrated learning method in sales forecasting[J]. Computer Applications and Software, 2020, 37(8):85-90.
23 张开放, 苏华友, 窦勇. 一种基于混淆矩阵的多分类任务准确率评估新方法[J].计算机工程与科学,2021, 43(11): 1910-1919.
Zhang Kai-fang, Su Hua-you, Dou Yong. A new multi-classification task accuracy evaluation method based on confusion matrix[J]. Computer Engineering & Science, 2021, 43(11): 1910-1919.
24 Belarbi O, Khan A, Carnelli P, et al. An intrusion detection system based on deep belief networks[C]∥International Conference on Science of Cyber Security,Matsue, Japan, 2022: 377-392.
25 Yao Y, Su L, Lu Z. DeepGFL: deep feature learning via graph for attack detection on flow-based network traffic[C]∥IEEE Military Communications Conference(MILCOM),Los Angeles, USA, 2018: 579-584.
26 Roopak M, Tian G Y, Chambers J. Deep learning models for cyber security in IoT networks[C]∥IEEE The 9th Annual Computing and Communication Workshop and Conference, Las Vegas, USA,2019: 452-457.
[1] Yue HOU,Jin-song GUO,Wei LIN,Di ZHANG,Yue WU,Xin ZHANG. Multi-view video speed extraction method that can be segmented across lane demarcation lines [J]. Journal of Jilin University(Engineering and Technology Edition), 2025, 55(5): 1692-1704.
[2] Hong-wei ZHAO,Ming-zhu ZHOU,Ping-ping LIU,Qiu-zhan ZHOU. Medical image segmentation based on confident learning and collaborative training [J]. Journal of Jilin University(Engineering and Technology Edition), 2025, 55(5): 1675-1681.
[3] Zi-hao SHEN,Yong-sheng GAO,Hui WANG,Pei-qian LIU,Kun LIU. Deep deterministic policy gradient caching method for privacy protection in Internet of Vehicles [J]. Journal of Jilin University(Engineering and Technology Edition), 2025, 55(5): 1638-1647.
[4] You-wei WANG,Ao LIU,Li-zhou FENG. New method for text sentiment classification based on knowledge distillation and comment time [J]. Journal of Jilin University(Engineering and Technology Edition), 2025, 55(5): 1664-1674.
[5] Tao XU,Shuai-di KONG,Cai-hua LIU,Shi LI. Overview of heterogeneous confidential computing [J]. Journal of Jilin University(Engineering and Technology Edition), 2025, 55(3): 755-770.
[6] Yin-fei DAI,Xiu-zhen ZHOU,Yu-bao LIU,Zhi-yuan LIU. In⁃vehicle network intrusion detection system based on CAN bus data [J]. Journal of Jilin University(Engineering and Technology Edition), 2025, 55(3): 857-865.
[7] Meng-xue ZHAO,Xiang-jiu CHE,Huan XU,Quan-le LIU. A method for generating proposals of medical image based on prior knowledge optimization [J]. Journal of Jilin University(Engineering and Technology Edition), 2025, 55(2): 722-730.
[8] Xiao-dong CAI,Qing-song ZHOU,Yan-yan ZHANG,Yun XUE. Social recommendation based on global capture of dynamic, static and relational features [J]. Journal of Jilin University(Engineering and Technology Edition), 2025, 55(2): 700-708.
[9] Xiang-jiu CHE,Yu-ning WU,Quan-le LIU. A weighted isomorphic graph classification algorithm based on causal feature learning [J]. Journal of Jilin University(Engineering and Technology Edition), 2025, 55(2): 681-686.
[10] Xiao-ran GUO,Tie-jun WANG,Yue YAN. Entity relationship extraction method based on local attention and local remote supervision [J]. Journal of Jilin University(Engineering and Technology Edition), 2025, 55(1): 307-315.
[11] Hao WANG,Bin ZHAO,Guo-hua LIU. Temporal and motion enhancement for video action recognition [J]. Journal of Jilin University(Engineering and Technology Edition), 2025, 55(1): 339-346.
[12] Yuan-ning LIU,Zi-nan ZANG,Hao ZHANG,Zhen LIU. Deep learning-based method for ribonucleic acid secondary structure prediction [J]. Journal of Jilin University(Engineering and Technology Edition), 2025, 55(1): 297-306.
[13] Lu Li,Jun-qi Song,Ming Zhu,He-qun Tan,Yu-fan Zhou,Chao-qi Sun,Cheng-yu Zhou. Object extraction of yellow catfish based on RGHS image enhancement and improved YOLOv5 network [J]. Journal of Jilin University(Engineering and Technology Edition), 2024, 54(9): 2638-2645.
[14] Hong-wei ZHAO,Hong WU,Ke MA,Hai LI. Image classification framework based on knowledge distillation [J]. Journal of Jilin University(Engineering and Technology Edition), 2024, 54(8): 2307-2312.
[15] Yun-zuo ZHANG,Yu-xin ZHENG,Cun-yu WU,Tian ZHANG. Accurate lane detection of complex environment based on double feature extraction network [J]. Journal of Jilin University(Engineering and Technology Edition), 2024, 54(7): 1894-1902.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
[1] LI Shoutao, LI Yuanchun. Autonomous Mobile Robot Control Algorithm Based on Hierarchical Fuzzy Behaviors in Unknown Environments[J]. 吉林大学学报(工学版), 2005, 35(04): 391 -397 .
[2] Liu Qing-min,Wang Long-shan,Chen Xiang-wei,Li Guo-fa. Ball nut detection by machine vision[J]. 吉林大学学报(工学版), 2006, 36(04): 534 -538 .
[3] Li Hong-ying; Shi Wei-guang;Gan Shu-cai. Electromagnetic properties and microwave absorbing property
of Z type hexaferrite Ba3-xLaxCo2Fe24O41[J]. 吉林大学学报(工学版), 2006, 36(06): 856 -0860 .
[4] Yang Shu-kai, Song Chuan-xue, An Xiao-juan, Cai Zhang-lin . Analyzing effects of suspension bushing elasticity
on vehicle yaw response character with virtual prototype method[J]. 吉林大学学报(工学版), 2007, 37(05): 994 -0999 .
[5] . [J]. 吉林大学学报(工学版), 2007, 37(06): 1284 -1287 .
[6] Che Xiang-jiu,Liu Da-you,Wang Zheng-xuan . Construction of joining surface with G1 continuity for two NURBS surfaces[J]. 吉林大学学报(工学版), 2007, 37(04): 838 -841 .
[7] Liu Han-bing, Jiao Yu-ling, Liang Chun-yu,Qin Wei-jun . Effect of shape function on computing precision in meshless methods[J]. 吉林大学学报(工学版), 2007, 37(03): 715 -0720 .
[8] Zhang Quan-fa,Li Ming-zhe,Sun Gang,Ge Xin . Comparison between flexible and rigid blank-holding in multi-point forming[J]. 吉林大学学报(工学版), 2007, 37(01): 25 -30 .
[9] . [J]. 吉林大学学报(工学版), 2007, 37(04): 0 .
[10] Li Yue-ying,Liu Yong-bing,Chen Hua . Surface hardening and tribological properties of a cam materials[J]. 吉林大学学报(工学版), 2007, 37(05): 1064 -1068 .
Copyright © Journal of Jilin University(Engineering and Technology Edition), All Rights Reserved.
Tel: +86-431-85095297 Fax: +86-431-85094074 E-mail: xbgxb@jlu.edu.cn
Powered by Beijing Magtech Co. Ltd