Abstract: Intrusion detection is a highlighted topic of network security research in recent years. Intrusion detection method based on ensemble learning is studied by using multiple classifiers. Some classifiers are created by Bootstrap technique. To improve their diversity, clustering technique is applied to them for choosing diverse individuals in each cluster. Then different fusion techniques are used to combine different classification results. Experiments are conducted with intrusion detection data set and show that intrusion detection based on ensemble learning is effective.

Key words: ensemble learning, fusion, intrusion detection, generalization capability

摘要： 入侵检测是近年来网络安全研究的热点。利用多分类器技术，研究了基于集成学习的入侵检测方法。应用Bootstrap技术生成分类器个体，为了提高分类器的差异性，应用聚类技术对分类器进行聚类，在相应的聚类结果中选取不同的分类器个体，并选择不同的融合方法对分类结果进行融合。针对入侵检测数据的实验表明了该集成技术的有效性。

关键词: 集成学习, 融合, 入侵检测, 泛化性能

CLC Number: 

• TP391