Hui Jiang, Zheng He, Gang Ye, Huyin Zhang
A network intrusion detection system (NIDS) is a commonly used tool for detecting attacks and protecting networks, but one of its general limitations is the false positive issue. On the basis of our comparative experiments and analysis of the characteristics of particle swarm optimization (PSO) and Xgboost, this paper proposes the PSO-Xgboost model, given its overall higher classification accuracy than alternative models such as Xgboost, Random Forest, Bagging and Adaboost. First, a classification model based on Xgboost is constructed, and then PSO is used to adaptively search for the optimal structure of Xgboost. The benchmark NSL-KDD dataset is used to evaluate the proposed model. Our experimental results demonstrate that the PSO-Xgboost model outperforms the other comparative models in precision, recall, macro-average (macro) and mean average precision (mAP), especially when identifying minority groups of attacks such as U2R and R2L. This work also provides experimental arguments for the application of swarm intelligence in NIDS.
Changsheng Xiang, Yong Xiao, Peixin Qu, Xilong Qu