Research Area:  Machine Learning
Since Internet is so popular and prevailing in human life, network security has become a very important issue and attracted a lot of study and practice. To detect or prevent network attacks, a network intrusion detection (NID) system may be equipped with machine learning algorithms to achieve better accuracy and faster detection speed. Applying machine learning has another major advantage that expert knowledge is not needed as much as the black or white list model. Extreme learning machines (ELMs) are single-layer artificial neural networks not required to be iteratively trained. Therefore, their learning speed is fast, and speed is crucial in the success of network intrusion detection systems for them to take prompt, effective defending reactions. Huang et al. proposed the equality constrained-optimization-based ELM (C-ELM) which is a modified version of ELM by integrating with the features of least squares support vector machines. In this paper, we apply C-ELM to network intrusion detection. An adaptively incremental learning strategy is proposed to derive the optimal number of hidden neurons. The optimization criteria and a way of adaptively increasing hidden neurons with binary search are developed. A broad number of experiments have been done and the results show that our proposed approach is effective in building models with good attack detection rates and fast learning speed.
Author(s) Name:  Cheng-Ru Wang,Rong-Fang Xu,Shie-Jue Lee,Chie-Hong Lee
Journal name:  Knowledge-Based Systems
Publisher name:  ELSEVIER
Volume Information:  Volume 147, 1 May 2018, Pages 68-80
Paper Link:   https://www.sciencedirect.com/science/article/abs/pii/S0950705118300613