FSAFA-stacking2: An Effective Ensemble Learning Model for Intrusion Detection with Firefly Algorithm Based Feature Selection

This paper presents a two-layer ensemble learning model stacking2 based on the Stacking framework to deal with the problems of lack of generalization ability and low detection rate of single model intrusion detection system. The stacking2 uses SAMME, GBDT, and RF to generate the primary learner in the first layer and constructs the meta learner using the logistic regression algorithm in the second layer. The meta learner learns from the class probability outputs produced by the primary learner. In order to solve "the curse of dimensionality" of intrusion detection dataset, this paper proposes the feature selection approach based on firefly algorithm (FSAFA), which is used to select the optimal feature subsets. Based on the selected optimal feature subsets, the training set and test set are reconstructed and then applied to stacking2. As a result, a FSAFA based stacking2 intrusion detection model is proposed. The UNSW-NB15 and NSL-KDD datasets are chosen to verify the effectiveness of the proposed model. The experiment results show that the stacking2 intrusion detection model has better generalization ability than the individual learner based intrusion detection models. Compared with other typical algorithms, the FSAFA based stacking2 intrusion detection model has good performance in detection rate.