Next Article in Journal
Power Efficiency Improvement of Three-Phase Split-Output Inverter Using Magnetically Coupled Inductor Switching
Next Article in Special Issue
Fully Convolutional Single-Crop Siamese Networks for Real-Time Visual Object Tracking
Previous Article in Journal
Passive Current Control Design for MMC in HVDC Systems through Energy Reshaping
Previous Article in Special Issue
Ship Target Detection Algorithm Based on Improved Faster R-CNN
Open AccessArticle

Dynamic Deep Forest: An Ensemble Classification Method for Network Intrusion Detection

by Bo Hu 1,*, Jinxi Wang 1, Yifan Zhu 1 and Tan Yang 2
1
State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing 100876, China
2
School of Software Engineering, Beijing University of Posts and Telecommunications, Beijing 100876, China
*
Author to whom correspondence should be addressed.
Electronics 2019, 8(9), 968; https://doi.org/10.3390/electronics8090968
Received: 25 July 2019 / Revised: 21 August 2019 / Accepted: 28 August 2019 / Published: 30 August 2019
(This article belongs to the Special Issue Deep Neural Networks and Their Applications)
Network Intrusion Detection System (NIDS) is one of the key technologies to prevent network attacks and data leakage. In combination with machine learning, intrusion detection has achieved great progress in recent years. However, due to the diversity of intrusion types, the representation learning ability of the existing models is still deficient, which limits the further improvement of the detection performance. Meanwhile, with the increasing of model complexity, the training time becomes longer and longer. In this paper, we propose a Dynamic Deep Forest method for network intrusion detection. It uses cascade tree structure to strengthen the representation learning ability. At the same time, the training process is accelerated due to small-scale parameter fitting and dynamic level-growing strategy. The proposed Dynamic Deep Forest is a tree-based ensemble approach and consists of two parts. The first part, Multi-Grained Traversing, uses selectors to pick up features as complete as possible. The selectors are constructed dynamically so that the training process will stop as soon as the optimal feature combination is found. The second part, Cascade Forest, introduces level-by-level tree structures. It has fewer hyper-parameters and follows a dynamic level-growing strategy to reduce model complexity. In experiments, we evaluate our model on network intrusion dataset KDD’99. The results show that the Dynamic Deep Forest method obtains higher recall and precision through a short time of model training. Moreover, the Dynamic Deep Forest method has lower risk of misclassification, which is more stable and reliable in a real network environment. View Full-Text
Keywords: dynamic deep forest; tree-based ensemble approach; machine learning; network intrusion detection dynamic deep forest; tree-based ensemble approach; machine learning; network intrusion detection
Show Figures

Figure 1

MDPI and ACS Style

Hu, B.; Wang, J.; Zhu, Y.; Yang, T. Dynamic Deep Forest: An Ensemble Classification Method for Network Intrusion Detection. Electronics 2019, 8, 968.

Show more citation formats Show less citations formats
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Back to TopTop