• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제14권2호
• /
• pp.702-723
• /
• 2020

The application of machine learning (ML) in intrusion detection has attracted much attention with the rapid growth of information security threat. As an efficient multi-label classifier, kernel extreme learning machine (KELM) has been gradually used in intrusion detection system. However, the performance of KELM heavily relies on the kernel selection. In this paper, a novel multiple kernel extreme learning machine (MKELM) model combining the ReliefF with nature-inspired methods is proposed for intrusion detection. The MKELM is designed to estimate whether the attack is carried out and the ReliefF is used as a preprocessor of MKELM to select appropriate features. In addition, the nature-inspired methods whose fitness functions are defined based on the kernel alignment are employed to build the optimal composite kernel in the MKELM. The KDD99, NSL and Kyoto datasets are used to evaluate the performance of the model. The experimental results indicate that the optimal composite kernel function can be determined by using any heuristic optimization method, including PSO, GA, GWO, BA and DE. Since the filter-based feature selection method is combined with the multiple kernel learning approach independent of the classifier, the proposed model can have a good performance while saving a lot of training time.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제12권12호
• /
• pp.5765-5781
• /
• 2018

Extreme learning machine (ELM) is emerging as a powerful machine learning method in a variety of application scenarios due to its promising advantages of high accuracy, fast learning speed and easy of implementation. However, how to select the optimal hidden layer of ELM is still an open question in the ELM community. Basically, the number of hidden layer nodes is a sensitive hyperparameter that significantly affects the performance of ELM. To address this challenging problem, we propose to adopt multiple kernel learning (MKL) to design a multi-hidden-layer-kernel ELM (MHLK-ELM). Specifically, we first integrate kernel functions with random feature mapping of ELM to design a hidden-layer-kernel ELM (HLK-ELM), which serves as the base of MHLK-ELM. Then, we utilize the MKL method to propose two versions of MHLK-ELMs, called sparse and non-sparse MHLK-ELMs. Both two types of MHLK-ELMs can effectively find out the optimal linear combination of multiple HLK-ELMs for different classification and regression problems. Experimental results on seven data sets, among which three data sets are relevant to classification and four ones are relevant to regression, demonstrate that the proposed MHLK-ELM achieves superior performance compared with conventional ELM and basic HLK-ELM.

• Journal of Information Processing Systems
• /
• 제18권1호
• /
• pp.146-158
• /
• 2022

With the success of the digital economy and the rapid development of its technology, network security has received increasing attention. Intrusion detection technology has always been a focus and hotspot of research. A hybrid model that combines particle swarm optimization (PSO) and kernel extreme learning machine (KELM) is presented in this work. Continuous-valued PSO and binary PSO (BPSO) are adopted together to determine the parameter combination and the feature subset. A fitness function based on the detection rate and the number of selected features is proposed. The results show that the method can simultaneously determine the parameter values and select features. Furthermore, competitive or better accuracy can be obtained using approximately one quarter of the raw input features. Experiments proved that our method is slightly better than the genetic algorithm-based KELM model.

• Journal of Electrical Engineering and Technology
• /
• 제11권4호
• /
• pp.993-1002
• /
• 2016

Hepatitis is a major public health problem all around the world. This paper proposes an automatic disease diagnosis system for hepatitis based on Genetic Algorithm (GA) Wavelet Kernel (WK) Extreme Learning Machines (ELM). The classifier used in this paper is single layer neural network (SLNN) and it is trained by ELM learning method. The hepatitis disease datasets are obtained from UCI machine learning database. In Wavelet Kernel Extreme Learning Machine (WK-ELM) structure, there are three adjustable parameters of wavelet kernel. These parameters and the numbers of hidden neurons play a major role in the performance of ELM. Therefore, values of these parameters and numbers of hidden neurons should be tuned carefully based on the solved problem. In this study, the optimum values of these parameters and the numbers of hidden neurons of ELM were obtained by using Genetic Algorithm (GA). The performance of proposed GA-WK-ELM method is evaluated using statical methods such as classification accuracy, sensitivity and specivity analysis and ROC curves. The results of the proposed GA-WK-ELM method are compared with the results of the previous hepatitis disease studies using same database as well as different database. When previous studies are investigated, it is clearly seen that the high classification accuracies have been obtained in case of reducing the feature vector to low dimension. However, proposed GA-WK-ELM method gives satisfactory results without reducing the feature vector. The calculated highest classification accuracy of proposed GA-WK-ELM method is found as 96.642 %.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제14권7호
• /
• pp.3076-3092
• /
• 2020

An IKPCA-ELM-based intrusion detection method is developed to address the problem of the low accuracy and slow speed of intrusion detection caused by redundancies and high dimensions of data in the network. First, in order to reduce the effects of uneven sample distribution and sample attribute differences on the extraction of KPCA features, the sample attribute mean and mean square error are introduced into the Gaussian radial basis function and polynomial kernel function respectively, and the two improved kernel functions are combined to construct a hybrid kernel function. Second, an improved particle swarm optimization (IPSO) algorithm is proposed to determine the optimal hybrid kernel function for improved kernel principal component analysis (IKPCA). Finally, IKPCA is conducted to complete feature extraction, and an extreme learning machine (ELM) is applied to classify common attack type detection. The experimental results demonstrate the effectiveness of the constructed hybrid kernel function. Compared with other intrusion detection methods, IKPCA-ELM not only ensures high accuracy rates, but also reduces the detection time and false alarm rate, especially reducing the false alarm rate of small sample attacks.

• 대한토목학회논문집
• /
• 제26권3B호
• /
• pp.279-289
• /
• 2006

최근에 수문시계열로부터 저차원의 비선형 거동을 재구성하고자 하는 연구가 활발히 진행되고 있다. 이러한 관점에서 본 연구에서는 Support Vector Machine(SVM)을 이용하여 우수한 상태-공간 재구성 능력을 갖는 비선형 예측모형을 구성하여 Great Salt Lake(GSL) Volume에 적용하였다. SVM은 Kernel 함수로부터 유도된 고차원의 특성공간 안에서 선형함수의 가상공간을 이용하는 Machine Learning 방법론이다. 또한 SVM은 훈련자료로부터 얻어지는 평균제곱오차가 아닌 일반화된 오차를 최소화함으로써 상대적으로 기존 방법에 비해 적은 수의 매개변수와 과적합(over fitting)을 피하면서 비선형 함수의 최적화가 가능하다. 본 연구에서 제시한 SVM 회귀분석의 적용성은 미국의 GSL의 2주 간격 Volume을 대상으로 검토하였다. SVM을 이용한 비선형 예측모형은 GSL Volume의 2주(1-Step), 8주(4-Step)와 반복예측(Iterated Prediction, 121-Step)까지 적용되었다. 본 연구에서는 극치사상 즉, 급격한 감소 및 증가 구간을 예측하는데 있어서 훈련구간과 예측구간을 구분하여 모형의 신뢰성을 평가하였다. 예측결과SVM은 훈련자료로부터 적은 수의 관측치를 이용하여 동역학적 거동을 추출할 수 있었으며 실제 관측자료와 거의 유사한 예측이 가능함을 통계적 지표로 확인할 수 있었다. 따라서 비선형 수문시계열의 단기 예측을 위한 모형으로 적용이 가능할 것으로 판단된다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제15권11호
• /
• pp.4011-4027
• /
• 2021

Cloud Computing has emerged as an extensively used technology not only in the IT sector but almost in all sectors. As the nature of the cloud is distributed and dynamic, the jeopardies present in the current implementations of virtualization, numerous security threats and attacks have been reported. Considering the potent architecture and the system complexity, it is indispensable to adopt fundamentals. This paper proposes a secure authentication and data sharing scheme for providing security to the cloud data. An efficient IPSO-KELM is proposed for detecting the malicious behaviour of the user. Initially, the proposed method starts with the authentication phase of the data sender. After authentication, the sender sends the data to the cloud, and the IPSO-KELM identifies if the received data from the sender is an attacked one or normal data i.e. the algorithm identifies if the data is received from a malicious sender or authenticated sender. If the data received from the sender is identified to be normal data, then the data is securely shared with the data receiver using SHA256-RSA algorithm. The upshot of the proposed method are scrutinized by identifying the dissimilarities with the other existing techniques to confirm that the proposed IPSO-KELM and SHA256-RSA works well for malicious user detection and secure data sharing in the cloud.