A network intrusion detection method based on context linucb

By combining feature engineering, heterogeneous base classifier pooling, and meta-learners, the network intrusion detection method based on context LinUCB dynamically adjusts model dependencies, solving the problems of insufficient generalization ability and insufficient cost awareness in traditional network intrusion detection systems when facing complex threats, and achieving efficient network intrusion detection.

CN122372344APending Publication Date: 2026-07-10CHENGDU UNIV OF INFORMATION TECH

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
CHENGDU UNIV OF INFORMATION TECH
Filing Date
2026-06-10
Publication Date
2026-07-10

AI Technical Summary

Technical Problem

Traditional network intrusion detection systems lack generalization capabilities when facing complex advanced persistent threats. Static integration methods cannot adapt to the conceptual drift of network traffic and lack cost-aware dynamic constraint mechanisms, resulting in high false alarm or false negative rates and an inability to effectively respond to modern network attacks.

Method used

A context-based LinUCB-based network intrusion detection method is adopted. By combining feature engineering, heterogeneous base classifier pool, LinUCB agent and meta-learner, the model dependency is dynamically adjusted. The detection is performed by combining asymmetric cost sensitive reward matrix and logistic regression, so as to realize dynamic switching of defense posture.

Benefits of technology

It improves the robustness and flexibility of network intrusion detection, can dynamically adjust according to real-time network status, reduce false alarm rate and false negative rate, adapt to complex network environment, and alleviate alarm fatigue problem.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN122372344A_ABST
    Figure CN122372344A_ABST
Patent Text Reader

Abstract

This invention discloses a network intrusion detection method based on contextual LinUCB, belonging to the field of network intrusion detection technology. The method includes: preprocessing the original traffic through outlier limiting and robust scaling to refine the data into a high-information-density context vector; inputting the context vector into a heterogeneous base classifier pool and a LinUCB agent respectively, outputting a set of prediction results and a set of confidence scores respectively; horizontally concatenating the set of prediction results and the set of confidence scores and inputting them into a meta-learner to output the continuous probability that the current network traffic is an attack; converting the continuous probability into classification labels according to the optimal candidate threshold, and outputting the network intrusion detection result. This method can achieve hot switching of protection strategies without retraining the underlying model, effectively alleviating the fatigue of industrial IDS alarms and the failure to detect high-risk penetration, and mitigating the rigid decision-making limitations of traditional static IDS.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to the field of network intrusion detection technology, and in particular to a network intrusion detection method based on contextual LinUCB. Background Technology

[0002] Amid the wave of digital transformation and the widespread deployment of the Internet of Things (IoT), global information infrastructure is facing unprecedented security challenges. Cyberattack methods are becoming increasingly sophisticated, evolving from traditional script attacks to highly covert, persistent, and adaptive advanced persistent threats (APTs). Attackers often exploit zero-day vulnerabilities and polymorphic malware to evade detection. Traditional network intrusion detection systems primarily rely on signature-based misuse detection and statistical baseline-based anomaly detection. These methods lack generalization capabilities when facing variant attacks, or are accompanied by extremely high false positive rates, making it difficult to adapt to the conceptual shifts in network traffic.

[0003] To overcome the limitations of single models, ensemble learning has been widely introduced into the field of intrusion detection, reducing variance and improving robustness by aggregating the predictions of multiple base classifiers. However, existing ensemble schemes (such as simple majority voting or static weighted averaging) mostly employ static aggregation strategies, assuming that all base classifiers have fixed capabilities in any scenario. This "optimize once, use forever" static mechanism has significant drawbacks in highly dynamic network adversarial environments: when faced with concept drift and specific samples, static ensembles cannot dynamically adjust model dependencies according to real-time network states, and are highly susceptible to the influence of models that perform poorly in specific scenarios.

[0004] Furthermore, in real-world cybersecurity confrontations, the cost of model prediction errors is extremely asymmetrical. Misclassifying normal users as attackers (false positives, FP) leads to alarm fatigue and increased operational costs, while failing to classify malicious attacks as normal traffic (false negatives, FN) can result in core data leaks and system paralysis. Traditional models and static integrations mostly optimize by maximizing global accuracy, lacking cost-aware dynamic constraint mechanisms. Summary of the Invention

[0005] The purpose of this invention is to provide a network intrusion detection method based on contextual LinUCB, which solves the limitations of static integration methods in traditional network intrusion detection systems and the problem of insufficient cost sensitivity of existing models in the game between false positives and false negatives.

[0006] To achieve the above objectives, this invention provides a network intrusion detection method based on contextual LinUCB, comprising the following steps: Step 100: The raw network traffic is input into the feature engineering layer for preprocessing, and the output is an environment context vector; the processing flow of the feature engineering layer includes outlier limiting and robust scaling, as well as two-stage hybrid feature selection based on MI-RFECV. Step 200: Input the environment context vector into the trained heterogeneous base classifier pool. Each base classifier outputs its corresponding prediction result, and the results are concatenated to obtain a set of prediction results. Step 300: Input the environmental context vector into the trained LinUCB agent that uses an asymmetric cost-sensitive reward matrix for reward calculation, output the confidence scores corresponding to each base classifier and concatenate them to obtain a set of confidence scores. Step 400: The prediction result set and the confidence score set are horizontally concatenated to generate a higher-order augmented feature vector. The higher-order augmented feature vector is input into the trained meta-learner, which outputs the continuous probability that the current network traffic is an attack. The continuous probability is converted into a classification label according to the optimal candidate threshold, and the network intrusion detection result is output.

[0007] Furthermore, in step 100, outlier limiting and robust scaling include the following steps: Step 101: Truncate the data by calculating the finite boundary values ​​of each feature dimension, and repair missing records using the median interpolation method; Step 102: Based on the interquartile range, outliers that exceed the set range are forcibly pulled back to the critical threshold. Step 103: The features are dimensionless using the pre-fitted median and interquartile range to obtain a preprocessed feature subset.

[0008] Furthermore, in step 100, the two-stage hybrid feature selection method based on MI-RFECV includes: Phase 1: Calculate the mutual information score between each feature in the preprocessed feature subset and the target label; set a hard threshold to filter out redundant features with mutual information scores lower than the hard threshold, and obtain a high-scoring feature subset; Phase 2: Step 104, initialize the iterative feature subset as the high-scoring feature subset; Step 105: Train a random forest model on the iterative feature subset and obtain the importance score of each feature in the iterative feature subset from the random forest model; Step 106: Sort the features of the iterative feature subset in descending order of importance score, and remove the bottom 5% of features by importance score to obtain the updated iterative feature subset; Step 107: Perform k-fold cross-validation on the updated iterative feature subset, calculate the average classification accuracy, and record the cross-validation score corresponding to the iterative feature subset. Step 108: When the cross-validation score reaches its peak and the feature dimension is reduced to its simplest form, the iteration stops and the context vector is output; otherwise, steps 105-108 are repeated.

[0009] Furthermore, in step 200, the heterogeneous base classifier pool includes at least two base classifiers, which are models constructed based on different machine learning algorithms.

[0010] Further, in step 300, the step of inputting the environmental context vector into the trained LinUCB agent that uses an asymmetric cost-sensitive reward matrix for reward calculation, and outputting the confidence scores corresponding to each base classifier includes: Step 301: For base classifier a in the heterogeneous base classifier pool, read the covariance matrix and bias vector corresponding to base classifier a. The covariance matrix and bias vector are obtained after being updated by the asymmetric cost-sensitive reward matrix during the training phase of the LinUCB agent. Step 302, calculate the weight vector of the base classifier a, using the following formula: ; in, Let a be the weight vector of the base classifier a. Let be the covariance matrix of the base classifier a. is the bias vector of the base classifier a; Step 303: Calculate the expected reward based on the environmental context vector and weight vector. The calculation formula is as follows: ; in The expected reward of base classifier a, Let be the environment context vector at time t. For transpose; Step 304: Introduce the exploration intensity coefficient and calculate the confidence score of the base classifier a. The calculation formula is as follows: ; in, Let be the confidence score of the base classifier a at time t. To explore the strength coefficient; Step 305: Repeat steps 301 to 304 until the confidence scores of all base classifiers are obtained.

[0011] Furthermore, in step 300, the training process of the LinUCB agent is as follows: Step A: For base classifier a in the heterogeneous base classifier pool, initialize its corresponding covariance matrix and bias vector; Step B: Obtain the environment context vector and its corresponding real label; Step C: For each base classifier, calculate the confidence score and select the base classifier with the highest confidence score as the optimal base classifier; Step D, call the optimal base classifier for prediction: input the environmental context vector into the selected optimal base classifier to obtain the predicted label output by the optimal base classifier; Step E: Calculate the reward value based on the true and predicted labels of the environmental context vector and the preset asymmetric cost-sensitive reward matrix; Step F: Based on the optimal base classifier, the current environmental context vector, and the calculated reward value, update the covariance matrix and bias vector of the optimal base classifier according to the following formula: ; ; in, For the optimal base classifier The covariance matrix, For the optimal base classifier The bias vector, The optimal base classifier at time t The reward value; Step G: Repeat steps B to F until all training samples have been traversed or the preset termination condition has been reached, and the trained LinUCB agent is obtained.

[0012] Furthermore, in step 300, the asymmetric cost-sensitive reward matrix is ​​configured as follows: When both the true label and the predicted label are attack, the reward value is a positive true positive reward value. When both the true label and the predicted label are normal, the reward value is a positive true negative reward value. When the true label is normal and the predicted label is attack, the reward value is a negative false positive penalty value; When the true label is "attack" and the predicted label is "normal", the reward value is a negative false negative penalty value.

[0013] Furthermore, in step 400, the higher-order augmented feature vector is input into the trained meta-learner, and the formula for calculating the continuous probability that the current network traffic is an attack is as follows: ; in, For higher-order augmented feature vectors, This is the logistic regression weight matrix. For logistic regression bias, It is an exponential function. Let t be the continuous probability that the true label of the network traffic at time t is an attack.

[0014] Further, in step 400, the method for determining the optimal candidate threshold is as follows: traverse the candidate thresholds in the interval [0, 1] on an independent preset verification set, and select the candidate threshold that makes the preset performance evaluation index reach its maximum value as the optimal candidate threshold.

[0015] Therefore, the network intrusion detection method based on contextual LinUCB described above has the following beneficial effects: 1. A two-stage feature selection pipeline combining mutual information (MI) and recursive feature elimination (RFECV) was designed to eliminate redundant and noisy features, providing reinforcement learning agents with highly representative environmental context vectors. This accelerates the convergence of LinUCB agents while ensuring the high density and purity of the context state vectors. 2. A lightweight dynamic scheduling architecture based on LinUCB is proposed. This architecture breaks through some of the limitations of static weights in traditional ensemble learning. The LinUCB agent can adaptively assign decision weights to potential base classifiers according to the high-order features of real-time traffic, thereby alleviating the problems of concept drift and the easy submersion of long-tail samples. 3. By introducing a logistic regression-based meta-learner, the prediction results of multiple base classifiers are concatenated with continuous confidence scores and threshold optimization is performed to output a more robust final classification decision, avoiding the single-point failure risk caused by the hard selection of a single reinforcement learning agent. 4. By designing an asymmetric penalty matrix in a reinforcement learning environment, the system aligns detection preferences with preset security policies. The system can dynamically switch between three protection postures: "balanced protection," "business continuity priority (low false alarm rate)," and "penetration defense priority (low false alarm rate)," which helps alleviate alarm fatigue in industrial scenarios.

[0016] The technical solution of the present invention will be further described in detail below with reference to the accompanying drawings and embodiments. Attached Figure Description

[0017] Figure 1 This is a flowchart of a network intrusion detection method based on contextual LinUCB according to the present invention; Figure 2 This is a distribution diagram of the CIC-IDS2017 mutual information score of the present invention; Figure 3 This is a graph showing the cross-validation accuracy of the present invention as a function of the number of selected features. Figure 4 This is a graph showing the reward variations of the linucb of the present invention in IDS 2017; Figure 5 This is a schematic diagram of the confusion matrix of the baseline equalization strategy of the present invention; Figure 6 This is a schematic diagram of the confusion matrix for the strict false alarm control strategy of the present invention; Figure 7 This is a schematic diagram of the obfuscation matrix for the strict control of false negatives strategy of the present invention; Figure 8 This is a model selection bias diagram under the benchmark equilibrium strategy, the strict false alarm control strategy, and the strict false alarm control strategy of the present invention. Figure 9 This is a schematic diagram of the confusion matrix in the absence of linucb according to the present invention. Detailed Implementation

[0018] The following detailed description of embodiments of the invention provided in the accompanying drawings is not intended to limit the scope of the claimed invention, but merely illustrates selected embodiments of the invention. All other embodiments obtained by those skilled in the art based on the embodiments of the invention without inventive effort are within the scope of protection of the invention.

[0019] Please see Figure 1 A network intrusion detection method based on contextual LinUCB includes the following steps: Step 100: The raw network traffic is input into the feature engineering layer for preprocessing, and the output is an environmental context vector; The raw network traffic data first undergoes preprocessing in the feature engineering layer, primarily involving outlier limiting and robust scaling, as well as a two-stage hybrid feature selection based on MI-RFECV. Outlier limiting and robust scaling are used to eliminate the impact of extreme values ​​and dimensional differences on data distribution. Subsequently, a hybrid feature selection method combining Mutual Information (MI) and Recursive Feature Elimination (RFECV) with cross-validation is applied to remove redundant and noisy features, refining the high-dimensional data into a high-information-density feature vector. This vector directly serves as the "context" for subsequent reinforcement learning agents to perceive the environment. )".

[0020] In network intrusion detection systems, raw traffic data is typically high-dimensional, noisy, and contains significant redundancy between features. Directly inputting unprocessed raw data into a base classifier or reinforcement learning agent not only leads to severe "curse of dimensionality" and extremely high inference latency but also disrupts the LinUCB agent's accurate assessment of the context. Therefore, this invention designs a rigorous feature preprocessing method (outlier limiting and robust scaling) and a two-stage hybrid feature selection method (two-stage hybrid feature selection based on MI-RFECV). Specifically: Outlier limiting and robust scaling: Truncation and replacement are performed by calculating finite boundary values ​​for each dimension, and median interpolation is used to repair missing records to restore the continuity of the feature space, thus handling infinite or missing values ​​that may occur during data acquisition. Secondly, a tailing method based on the interquartile range (IQR) is used to suppress the interference of extreme outliers on the data distribution, reducing outliers beyond the range. Outliers within the range are forcibly pulled back to the critical threshold, thereby mitigating the impact of extreme values ​​without deleting samples. This represents the 25th percentile. This represents the 75th percentile. Finally, a robust standardization method based on the median and interquartile range (ICM) is employed to perform dimensionless processing of the data, eliminating the influence of differences in dimensions (units) between different features. This allows features to be compared and calculated on the same scale, resulting in a preprocessed feature subset. This method uses the median and ICM to replace the mean and standard deviation in traditional standardization. Because the median and ICM are insensitive to extreme values, they can effectively resist statistical biases caused by malicious traffic, preventing the normal traffic distribution from being distorted by attack traffic. Simultaneously, it preserves the key relative differences between normal and attack traffic, making it suitable for preprocessing network traffic data with outliers.

[0021] Two-Stage Hybrid Feature Selection Based on MI-RFECV: To significantly reduce the inference latency of the model's feature dimension optimization while ensuring high detection accuracy, a two-stage feature selection algorithm combining the advantages of "filtering" and "wrapping" is selected, hereinafter referred to as the MI-RFECV method. Phase 1: Nonlinear Filtering Based on Mutual Information (MI). Mutual information can effectively measure the linear and nonlinear dependencies between features and target labels. This phase calculates the MI scores of all features in the preprocessed feature subset and filters out redundant features with low scores (by setting a hard threshold, retaining features with scores higher than the hard threshold), ultimately obtaining a high-scoring feature subset. This step acts as a coarse-screening mechanism, quickly eliminating invalid features and significantly reducing the search space.

[0022] Phase Two: Recursive Feature Elimination and Cross-Validation (RFECV) Based on Random Forest. Building upon the initial MI (Minimum Injection) screening, a recursive feature elimination algorithm with cross-validation is further introduced. Using a random forest as the underlying feature estimator, the system iterates through the remaining feature space: in each iteration, the bottom 5% of features are eliminated based on their importance. Furthermore, to further reduce error and overfitting, k-compound cross-validation is used in the training of the base classifier to verify the classification accuracy of the current feature subset on the validation set. The iteration stops when the cross-validation score reaches its peak and the feature dimension is reduced to its minimum. The specific process is as follows: Step 104: Initialize the iterative feature subset as the high-scoring feature subset; Step 105: Train a random forest model on the iterative feature subset and obtain the importance score of each feature in the iterative feature subset from the random forest model; Step 106: Sort the features of the iterative feature subset in descending order of importance score, and remove the bottom 5% of features by importance score to obtain the updated iterative feature subset; Step 107: Perform k-fold cross-validation on the updated iterative feature subset, calculate the average classification accuracy, and record the cross-validation score corresponding to the iterative feature subset. Step 108: When the cross-validation score reaches its peak and the feature dimension is reduced to its simplest form, the iteration stops and the context vector is output; otherwise, steps 105-108 are repeated.

[0023] Furthermore, all feature preprocessing (outlier handling, robust scaling) and MI-RFECV feature selection are performed only on the base model training set, and the learned parameters and feature masks are applied to subsequent datasets to avoid data leakage issues in the feature selection process. Through the above two-stage joint screening, the original high-dimensional traffic data is refined into a compact feature subset (environmental context vector) with high discriminative power and low redundancy. This feature subset not only significantly reduces the online computational cost of the four heterogeneous base classifiers, but more importantly, it provides a highly condensed and highly representative environmental context vector for the subsequent LinUCB agent.

[0024] Step 200: Input the environment context vector into the trained heterogeneous base classifier pool. Each base classifier outputs its corresponding prediction result, and the results are concatenated to obtain a set of prediction results. This step constructs a heterogeneous base classifier pool consisting of pre-trained models with different algorithmic principles. The pool includes at least two base classifiers, each built based on a different machine learning algorithm. In this embodiment, the selected models are based on probability theory, geometric margin, and tree ensemble mechanisms, respectively, and their decision boundaries are highly complementary. The trained models act as "arms" in the reinforcement learning stochastic multi-arm decision problem. Given a real-time traffic context, each base classifier (arm) generates its initial predictions, which together form a prediction set that serves as the basis for subsequent reward calculations and arm selection strategies.

[0025] In the contextual multi-armed bandit (C-MAB) dynamic base classifier selection framework, a pool of heterogeneous base classifiers constitutes the agent's action space. To enable the agent to make meaningful scheduling choices in different network traffic contexts, candidate models must possess extremely high algorithmic diversity and decision complementarity. If the base models belong to the same paradigm (such as pure tree models or pure linear models), their decision boundaries will highly overlap, leading to the same systematic blind spots when facing the same type of unknown attacks, thus rendering dynamic selection meaningless.

[0026] Based on the aforementioned principle of diversity, this embodiment constructs an expert pool containing four heterogeneous base classifiers, starting from four distinct machine learning paradigms: probabilistic theory, geometric margin, parallel ensemble, and serial boosting. The details are as follows: Naive Bayes (NB): As a classic probabilistic generative model, NB is based on the assumption of feature conditional independence and uses Bayes' theorem to calculate posterior probabilities for classification. In network intrusion detection, NB has extremely low computational complexity and extremely fast inference latency, and can efficiently identify coarse-grained abnormal traffic with significant differences in feature distribution (such as large-scale DoS flood attacks).

[0027] Support Vector Machine (SVM): As a geometric margin model based on statistical learning theory, SVM aims to find the optimal classification hyperplane that maximizes the inter-class margin in a high-dimensional feature space. Faced with highly disguised sparse attack payloads in intrusion detection (such as stealthy penetration testing), SVM can provide a smooth and overfit-resistant nonlinear decision boundary by adhering to the principle of minimizing structural risk.

[0028] Random Forest (RF): As a representative of Bagging ensemble learning, RF constructs multiple independent decision trees through Bootstrap resampling and feature random subspace techniques. This mechanism, which introduces dual randomness (sample perturbation and feature perturbation), greatly reduces the model's prediction variance, making it exhibit excellent robustness when facing complex traffic containing high noise and fake features.

[0029] Extreme Gradient Boosting Tree: As a leading tree model within the Boosting framework, XGBoost continuously fits the prediction residuals of the preceding tree structure in a sequential manner by calculating the second-order Taylor expansion and introducing a regularization term. This mechanism enables it to have extremely low prediction bias and can keenly capture extremely imbalanced and difficult-to-distinguish covert attack samples in the IDS dataset.

[0030] The four heterogeneous base classifiers exhibit significant performance differences and preferences when handling different types of network attacks. For example, RF and XGBoost perform well in capturing complex rules, but are prone to overfitting under certain noise conditions; while NB, although limited in its overall accuracy, can provide reliable baseline decisions with extremely low overhead in specific contexts. This heterogeneity means that no single model can cover all attack types. This provides an ideal decision-making environment for the LinUCB agent: the LinUCB agent needs to dynamically weigh and schedule base classifiers with different inductive biases based on the real-time extracted traffic context vectors to maximize the expected cumulative benefit of the overall defense system.

[0031] While NB and SVM may perform poorly against highly nonlinear covert attacks, their inherent probabilistic inference and geometric segmentation properties make their error distributions highly independent of tree-based ensemble models (RF, XGBoost). If the candidate pool consists entirely of top-performing but algorithmically homogeneous models, they are highly susceptible to systematic misjudgments on the same difficult samples. Introducing a matrix of strong and weak models with varying performance not only greatly broadens the diversity of decision boundaries but, more importantly, creates a sufficiently differentiated and challenging action space for the LinUCB agent. It is this performance asymmetry that forces the Context Bandit algorithm to fully leverage its potential for state awareness and dynamic scheduling—calling on heavyweight models for precise interception under complex threats and on lightweight models (or using them as decision references) under obvious features, thereby maximizing the synergistic benefits of heterogeneous systems while ensuring a high overall defense baseline.

[0032] Step 300: Input the environmental context vector into the trained LinUCB agent that uses an asymmetric cost-sensitive reward matrix for reward calculation, output the confidence scores corresponding to each base classifier and concatenate them to obtain a set of confidence scores. This is the core decision-making layer of the framework, used to dynamically evaluate the relative reliability of each expert. Unlike traditional ensemble models that treat all base classifiers equally or assign static weights, the Linear Upper Confidence Bound (LinUCB) agent dynamically evaluates the current expected reliability of each base classifier based on a specific environmental context vector. Simultaneously, guided by an administrator-customizable asymmetric cost-sensitive reward matrix, the agent calculates a dynamic confidence score for each base classifier, which serves as a crucial basis for the final decision. The asymmetric cost-sensitive reward matrix helps make decisions more aligned with actual environmental requirements. The action space of the LinUCB agent includes the constructed... A set of heterogeneous base classifiers (in this embodiment) (i.e., NB, SVM, RF, XGBoost). The heterogeneous base classifier pool is adapted to the LinUCB action space, strictly mapping each heterogeneous base classifier to an independent "arm" in the LinUCB algorithm, forming a standardized action space where each action has a one-to-one mapping relationship with a base classifier. Step 300 specifically includes the following steps: Step 301: For base classifier a in the heterogeneous base classifier pool, read the covariance matrix and bias vector corresponding to the base classifier a, where the covariance matrix and bias vector are obtained after being updated by the asymmetric cost-sensitive reward matrix during the LinUCB agent training phase. Step 302, calculate the weight vector of the base classifier a, using the following formula: ; in, Let a be the weight vector of the base classifier a. Let be the covariance matrix of the base classifier a. is the bias vector of the base classifier a; Step 303: Calculate the expected reward based on the environmental context vector and weight vector. The calculation formula is as follows: ; in The expected reward of base classifier a, Let be the environment context vector at time t. For transpose; Step 304: Introduce the exploration intensity coefficient and calculate the confidence score of the base classifier a. The calculation formula is as follows: ; in, Let be the confidence score of the base classifier a at time t. To explore the strength coefficient; Step 305: Repeat steps 301 to 304 until the confidence scores of all base classifiers are obtained; Step 306: Concatenate the confidence scores of all base classifiers to obtain a set of confidence scores.

[0033] The context interaction logic based on LinUCB is as follows: The interaction process begins at the network environment end. The original network traffic is transformed into an environmental context vector after passing through the feature engineering layer. The environmental context vector carries the key features of the current traffic and is input to the LinUCB agent. After receiving the state, the agent calculates a confidence score for each candidate base classifier according to the upper confidence bound formula. This formula simultaneously integrates the profit estimation based on historical experience and the exploration of future potential. Subsequently, the LinUCB agent selects the optimal base classifier as the action by maximizing this score and schedules it to the network environment.

[0034] Within the network environment, the selected optimal base classifier classifies traffic and outputs the results. These results are not directly converted into a fixed reward; instead, they are input into a reward generator, which queries a pre-defined cost-sensitivity matrix. This matrix dynamically generates a reward signal that aligns with the actual security policy based on the classification results and true labels, combined with asymmetric false positive and false negative cost weights. This reward is then fed back to the agent to update its internal parameters, driving continuous optimization and adaptive adjustment of the policy. Furthermore, this architecture exhibits excellent scalability: adding a base classifier only requires adding a corresponding arm to the LinUCB algorithm and initializing it; removing a base classifier only requires deleting the corresponding arm, without modifying the core algorithm logic or other model parameters, thus adapting to the model iteration needs of industrial scenarios.

[0035] The training process of the LinUCB agent is as follows: Step A: For base classifier a in the heterogeneous base classifier pool, initialize its corresponding covariance matrix and bias vector; Step B: Obtain the environment context vector and its corresponding real label; Step C: For each base classifier, calculate the confidence score and select the base classifier with the highest confidence score as the optimal base classifier; Step D, call the optimal base classifier for prediction: input the environmental context vector into the selected optimal base classifier to obtain the predicted label output by the optimal base classifier; Step E: Calculate the reward value based on the true and predicted labels of the environmental context vector and the preset asymmetric cost-sensitive reward matrix; Traditional machine learning models typically optimize by maximizing global accuracy (i.e., 0-1 loss). However, in real-world cybersecurity confrontations, the costs of various prediction errors are extremely asymmetrical: misclassifying normal users as attackers (false positives, FP) leads to alert fatigue and increased operational costs; while failing to classify malicious attacks as normal traffic (false negatives, FN) can result in core data leaks and system paralysis. To inject expert security strategies into reinforcement learning models, this framework abandons the traditional 0-1 reward mechanism and designs a highly customizable cost-sensitive reward function. Let... This is the actual label for the traffic (0 indicates normal, 1 indicates attack). The selected optimal base classifier The given prediction labels (0 for normal, 1 for attack). At time [time value missing] The reward received by the intelligent agent It is strictly defined as the following mapping function: ; in, , , , These represent the positive true positive reward value, the positive true negative reward value, the negative false positive penalty value, and the negative false negative penalty value, respectively. The optimal base classifier at time t The reward value.

[0036] The parameter set of this reward function is completely independent of the internal parameters of the LinUCB agent and the training process of the underlying base classifier. The agent's policy preference can be guided by simply adjusting the ratio of parameter values. There is no need to retrain the model. Policy hot switching without retraining can be achieved by adjusting the weight ratio of the reward parameters.

[0037] Step F: Based on the optimal base classifier, the current environmental context vector, and the calculated reward value, update the covariance matrix and bias vector of the optimal base classifier according to the following formula: ; ; in, For the optimal base classifier The covariance matrix, For the optimal base classifier The bias vector, The optimal base classifier at time t The reward value; Step G: Repeat steps B to F until all training samples have been traversed or the preset termination condition has been reached, and the trained LinUCB agent is obtained.

[0038] Through the above mechanism, the LinUCB agent can continuously iterate and optimize its understanding of various attack contexts as traffic data is continuously input. When facing new variant attacks, the higher uncertainty term will drive the agent to explore; while when facing traffic with known patterns, the highly fitted expected reward term can ensure that the system calls the underlying base classifier in the most efficient and secure way.

[0039] Step 400: The prediction result set and the confidence score set are horizontally concatenated to generate a higher-order augmented feature vector. The higher-order augmented feature vector is input into the trained meta-learner, which outputs the continuous probability that the current network traffic is an attack. The continuous probability is converted into a classification label according to the optimal candidate threshold, and the network intrusion detection result is output.

[0040] To avoid the risk of single-point failure that may arise from relying solely on discrete optimal arm selection made by reinforcement learning agents, this framework introduces a logistic regression-based meta-learner for soft calibration. This layer concatenates the prediction results of the four base classifiers with the context-aware confidence scores generated by the LinUCB agent. By comprehensively considering the model's prediction probability and relative confidence, a highly robust final classification decision is output.

[0041] Combining contextual bandits with meta-learners effectively bridges the gap between flexibility and robustness in existing dynamic selection algorithms. LinUCB, as a lightweight implementation of reinforcement learning, possesses policy-driven decision-making capabilities. Security administrators only need to adjust the parameters in the asymmetric cost-sensitive reward matrix to allow the system to flexibly switch its detection focus between "reducing false positives to alleviate alarm fatigue" and "severely punishing false negatives to achieve high coverage defense." This adjustment process does not require retraining the underlying heterogeneous base models, thus improving the model's adaptability in practical operations. However, the LinUCB agent faces the risk of single-arm bias when making hard arm selections. To address this, a meta-learning layer is introduced as a soft calibration mechanism to smooth out potential extreme biases by the agent, statistically integrating the advantages of various base models to output a more robust final decision. The synergy between these two layers not only empowers the system to dynamically adjust its strategy based on the scenario but also ensures the reliability of detection results through integration and fusion.

[0042] The core idea of ​​the meta-decision layer is to combine the preliminary judgments generated by the base model with the environmental perception scores generated by the agent. For The context vector at each time step is first collected. The set of prediction results from each base classifier And the output of the LinUCB agent The set of confidence scores corresponding to each base classifier ,in , , They represent The prediction results of the 1st, 2nd, and Kth base classifiers at time points. , , They represent The confidence scores of the 1st, 2nd, and Kth base classifiers at time points are then concatenated horizontally to construct a novel higher-order augmented feature vector. : ; The settings in this embodiment In the scenario, It is an 8-dimensional vector. This vector not only contains the judgments (yes or no) of each heterogeneous expert on the current traffic, but also contains the relative discourse power (score) of each expert in the context of the current traffic.

[0043] The meta-learner receives augmented feature vectors Subsequently, the meta-learner employs a logistic regression model with L2 regularization penalty for nonlinear probability mapping. To mitigate the severe class imbalance prevalent in network intrusion detection datasets, the model introduces a cost-sensitive class weight balancing mechanism into the loss function. Given augmented features... The meta-learner outputs the continuous probability that the current network traffic is an attack, calculated using the following formula: ; in, For higher-order augmented feature vectors, This is the logistic regression weight matrix. For logistic regression bias, It is an exponential function. Let t be the continuous probability that the true label of the network traffic at time t is an attack.

[0044] It is worth noting that in highly asymmetric security attack and defense scenarios, the default decision threshold of 0.5 often fails to achieve the optimal precision-recall tradeoff. Therefore, this framework designs a global threshold optimization mechanism on an independent validation set. Let... As candidate thresholds, the system iterates through the candidate thresholds on an independent, pre-defined validation set to find the optimal decision boundary that maximizes the pre-defined performance evaluation metric. The final binarized prediction output is defined as: ; The final network intrusion prediction result is 1, which indicates an intrusion, and 0 indicates no intrusion.

[0045] The LinUCB agent and the meta-decision layer form a clear division of labor. The core responsibility of the LinUCB agent is to perform reliability assessment of base classifiers based on context awareness, enabling dynamic adjustment of the detection strategy. This is specifically reflected in three capabilities: scene adaptation, hot strategy switching, and dynamic weight allocation. The core responsibility of the meta-decision layer is to fuse and calibrate the prediction results and reliability information of all base classifiers, outputting a robust final decision. This is specifically reflected in three capabilities: fault tolerance and correction, information reuse, and fluctuation smoothing. The two form a deep complementary relationship: LinUCB provides the meta-decision layer with context-aware dynamic weights, overcoming the limitations of fixed weights in static integration; the meta-decision layer provides LinUCB with a fault-tolerant mechanism for multi-result fusion, thus avoiding the single-point failure risk of hard selection of a single base classifier. Through this collaborative design, the framework achieves the dual goals of dynamic adaptation and robust detection.

[0046] Experimental Design and Result Analysis: To comprehensively evaluate the detection performance and policy flexibility of the proposed Cost-Sensitive Contextual Bandit and Meta-Learning framework (CS-CBML) in real-world network environments, this invention designs detailed comparative experiments. This section first introduces the datasets used in the experiments, the baselines, evaluation metrics, and parameter configurations, followed by a systematic analysis and discussion of the experimental results.

[0047] 1) Dataset and Preprocessing: To verify the model's generalization ability under different network architectures, attack types, and data distributions, this experiment selected three of the most representative public datasets in the field of network intrusion detection (IDS): (1) As a classic benchmark dataset in the field of IDS, the NSL-KDD dataset alleviates the problem of a large number of redundant and duplicate records in the early KDD Cup99 dataset, so that the base classifier will not be biased towards attack samples that appear too frequently. The dataset contains 41 basic features, covering normal traffic and four classic attack types: denial of service (DoS), probe, user to root (U2R) and remote to local (R2L).

[0048] (2) Compared to the earlier NSL-KDD dataset, the UNSW-NB15 dataset represents more complex and covert hybrid traffic in modern networks. This dataset was generated in a laboratory environment using tools and not only contains real modern normal network activity, but also injects modern attack payloads from 9 families (such as fuzzers, backdoors, exploits, shellcode, etc.). This dataset is known for its high feature dimensionality and high proportion of covert attacks, making it an ideal testing ground for testing the model's ability to capture complex variant attacks.

[0049] (3) The CIC-IDS2017 dataset, released by the Canadian Cyber ​​Security Institute, contains complete network topology traffic and extremely realistic background normal traffic. The most prominent features of this dataset are "extreme class imbalance" and "modernized attack patterns," including real threats such as web attacks, brute-force attacks, botnets, and heartbleed attacks. Under such an extremely imbalanced distribution, this dataset poses an extremely stringent challenge to the base classifier's ability to control the false positive rate (FP).

[0050] In terms of data partitioning strategy, in order to closely match the two-layer cascaded architecture of the CS-CBML framework and strictly prevent data leakage, this invention strictly divides the experimental data into four mutually exclusive subsets: base classifier training set (Train), reinforcement learning agent interaction set (RL), meta-learner calibration and threshold optimization verification set (Val), and independent test set (Test) for final blind testing.

[0051] To address the characteristics of different datasets, this experiment employs a customized segmentation scheme: A: For the two modern datasets, UNSW-NB15 and CIC-IDS201, this experiment integrates their full datasets and uses stratified sampling to divide them into the four independent subsets mentioned above according to a predetermined ratio. This operation ensures that each subset maintains a consistent class distribution across complex and highly imbalanced attack categories.

[0052] B: For the classic NSL-KDD dataset, to realistically test the model's generalization robustness in the face of unknown threats and cross-distribution data, this invention strictly follows the official blind testing evaluation protocol. Specifically, the first three training and calibration subsets (Train, RL, Validation) are all obtained by splitting from the officially provided KDDTrain+ set, while the final test set (Test) relies entirely on the officially provided KDDTest+ set. Since this official test set contains a large number of attack variants that did not appear during the training phase, this division method can objectively reflect the framework's defensive effectiveness against unknown threats in actual deployment.

[0053] 2) Compare with the baseline model: To comprehensively and rigorously verify the core advantages of the proposed CS-CBML framework in dynamic base classifier scheduling, cost-sensitive strategy adaptation, and robustness of detection performance, all baselines adopted the same feature engineering preprocessing process, base classifier training dataset and hyperparameter configuration, and data partitioning rules as the framework of this invention. The differences only lie in the core innovative dimensions such as the integrated scheduling mechanism, dynamic weight allocation, and cost-sensitive constraints. The interference of irrelevant variables on the experimental results was strictly excluded to ensure the fairness and rigor of the comparative experiments.

[0054] This set of baselines consists of base classifiers in the heterogeneous expert pool at the bottom layer of the framework of this invention. All models were fitted on a training set completely identical to that of the framework of this invention, using the same MI-RFECV feature selection results as input, without any integration, fusion, or dynamic scheduling mechanisms. The core purpose of this set of baselines is to evaluate the performance improvement of the CS-CBML framework of this invention compared to a single model, to quantitatively analyze the aggregation and amplification effect of the dynamic scheduling mechanism on the advantages of base classifiers with different characteristics, and to clarify the performance preferences of different base classifiers under various attack scenarios, thus providing a basic performance benchmark for the framework's dynamic scheduling logic.

[0055] 3) Evaluation indicators: In the evaluation of intrusion detection systems, the confusion matrix, consisting of true positives (TP), true negatives (TN), false positives (FP, i.e., false alarms), and false negatives (FN, i.e., false misses), is the foundation of all metrics. This invention uses the following mainstream metrics to comprehensively quantify the model: Accuracy = (TP + TN) / (TP + TN + FP + FN); Precision = TP / (TP + FP); Recall = TP / (TP + FN); F1 score = 2 × (Precision × Recall) / (Precision + Recall); Furthermore, since the baseline model selected in this invention often achieves high accuracy in the aforementioned datasets, traditional absolute metric changes are insufficient to reflect the system's value in actual attack and defense scenarios. Therefore, this invention specifically introduces "relative error reduction rate" as a core auxiliary evaluation metric. It is specifically defined as: (1) Relative underreporting rate: ; in, The relative underreporting rate is... This represents the number of missed cases in the baseline method. This represents the number of missed cases reported using this method. (2) Relative false alarm reduction rate: ; in, The relative false alarm reduction rate, The number of false alarms for the baseline method. This represents the number of false alarms for this method.

[0056] This metric can intuitively and accurately reflect how much of a fatal security vulnerability or useless alarm disturbance this framework has saved for real network operations and maintenance through a dynamic cost-sensitive mechanism under the suppression of extremely high baselines.

[0057] 4) Experimental Results and Analysis: (1) Analysis of hybrid feature selection and dimensionality reduction results: In real-world network environments, high-dimensional and noisy raw traffic data not only increases the model's inference latency but also triggers the "curse of dimensionality," interfering with the LinUCB agent's accurate perception of the context. To provide high-density state vectors to the core layer of reinforcement learning, this invention designs a two-stage hybrid feature purification pipeline, MI-RFECV, to clean and optimize three datasets.

[0058] Specifically, to avoid directly using computationally expensive wrapper methods on high-dimensional data, this invention first employs Mutual Information (MI) as a preliminary coarse screening mechanism. Taking the CIC-IDS2017 dataset as an example, after inputting this data into the first-stage MI coarse screening, the results are as follows: Figure 2 As shown. This mechanism quantifies the non-linear correlation between features and target labels, and can identify and remove redundant fields with low scores. Figure 2 The blue data points (in the middle) significantly reduce the computational cost of subsequent deep feature evaluation while preserving high-information features (red data points).

[0059] After removing zero-noise features, the remaining candidate features are input into the RFECV wrapper for a second stage of deep purification and feature combination optimization. Taking the CIC-IDS2017 dataset as an example... Figure 3 The dynamic optimization process of the validation set is demonstrated, confirming the necessity of the dimensionality reduction strategy: when the feature subset is expanded to 20 dimensions, the model accuracy reaches the global maximum, and the standard deviation of cross-validation narrows significantly (the light blue shaded area in the figure narrows), indicating that the extracted core feature combination has good generalization stability. When the dimension exceeds 20, the accuracy curve shows a slight decline and long-tail oscillation, indicating that unprocessed high-dimensional features may introduce overfitting risk, while the hybrid algorithm of this invention can capture this feature boundary and complete the stage truncation.

[0060] After two-stage hybrid feature extraction using MI-RFECV, the feature dimensions of all three datasets were significantly compressed. Detailed feature preservation results are shown in Table 1. Table 1. Optimal results after MI-RFECV hybrid feature selection

[0061] The feature optimization results further demonstrate the feature condensation capability of the MI-RFECV algorithm. In the CIC-IDS2017 dataset, which has the most redundant features, this method removed approximately 74.4% of the original noisy features, extracting only 20-dimensional core representations. On the UNSW-NB15 and NSL-KDD datasets, it achieved spatial compression of 65.3% and 56.1%, respectively. This feature simplification effectively reduces the inference pressure on heterogeneous base classifier layers and constructs a clear environmental context for the LinUCB agent, providing a fundamental guarantee for agile decision-making within the CS-CBML framework.

[0062] (2) Comparative discussion: To comprehensively evaluate the effectiveness and robustness of the CS-CBML model proposed in this invention, this section presents comparative experiments on three publicly available intrusion detection datasets: CIC-IDS2017, UNSW-NB15, and NSL-KDD. The experiments are conducted in two main dimensions: first, a horizontal comparison with classic machine learning models such as Random Forest, XGBoost, and Support Vector Machine under the same feature engineering conditions; and second, a vertical comparison with representative deep learning methods in this field in recent years. The experimental results with classic machine learning models under the same feature engineering conditions are shown in Table 2.

[0063] Table 2. Comparison of confusion matrices for each model on different datasets.

[0064] When faced with the CIC-IDS2017 dataset, which contains complex traffic from modern networks, CS-CBML demonstrated superior classification performance, achieving an accuracy of 99.80% and an F1-score of 99.50%, both ranking first. Under the same conditions, although RF and XGBoost also achieved accuracy of over 99%, SVM's recall was only 41.24% (resulting in an F1-score as low as 58.09%). This indicates that traditional kernel methods have limitations when handling high-dimensional, massive traffic. Looking at the actual false positives in the confusion matrix, RF produced 642 false negatives (FN), while CS-CBML produced only 459, representing a relative reduction in false negatives of 28.50%. Furthermore, compared to XGBoost's 1675 false positives (FP), CS-CBML produced only 661 false positives, representing a relative reduction in false positives of 60.54%.

[0065] To comprehensively validate the performance and generalization ability of the CS-CBML model, Tables 3 and 4 present its comparison results with existing research on the CIC-IDS2017 and UNSW-NB15 datasets, respectively. Compared to the state-of-the-art CapsNet+BiLSTM hybrid model, CS-CBML still achieves improvements of 0.8 and 1.5 percentage points in accuracy and F1-score, respectively. On the UNSW-NB15 dataset, which has a more complex feature space and more covert attack patterns, CS-CBML still maintains the highest accuracy of 98.96% and an F1-score of 96.02%. Although the accuracy of XGBoost and RF is similar (both 98.88%). The accuracy and precision were 9.66% and 4.36%, respectively. Under the same conditions, SVM's performance deteriorated further, with accuracy dropping to 87.97% and precision plummeting to 51.37%, generating as many as 25,164 false positives. Meanwhile, compared to existing baseline models such as ENIDS, CapsNet, and BiLSTM, CS-CBML achieved a significant performance leap, maintaining an accuracy advantage of approximately 2 percentage points over the powerful CapsNet+BiLSTM model.

[0066] Table 3 Comparison between CIC-IDS2017 and existing studies

[0067] Table 4. Comparison of UNSW-NB15 with existing research

[0068] Although many studies have achieved high detection accuracy (even exceeding 98%) on the NSL-KDD dataset in recent years, a closer analysis of their evaluation protocols reveals that most studies have not strictly adhered to the official training and test set splitting criteria. Instead, they have generally adopted a cross-validation strategy of mixing the entire dataset and then randomly re-splitting it proportionally. This approach leads to serious data leakage problems.

[0069] The core characteristics and challenges of the NSL-KDD official test set lie in its design: it includes approximately 17 novel and unknown attacks not present in the official training set, while significantly altering the sample distribution across all categories. The official purpose of this test set is to simulate the constantly emerging zero-day attacks in real-world network environments. If the data is mixed and then randomly re-split, these samples, originally intended as "unknown threats," will be prematurely exposed to the training set. This results in a "simplified" scenario where the model faces a highly overlapping training distribution during testing, reducing detection difficulty and generating inflated evaluation metrics that fail to accurately reflect the model's defensive capabilities in actual deployments.

[0070] Therefore, to objectively and rigorously evaluate the model's ability to cope with unknown threats, this invention abandons the practice of mixing and repartitioning data, and strictly adopts the independent test set officially designated by NSL-KDD as the benchmark for generalization capability verification. Based on this rigorous verification benchmark, this paper conducts comparisons with classic baselines under equivalent feature engineering and with existing research results, the results of which are shown in Tables 5 and 6, respectively.

[0071] Table 5. Model performance in NSL-KDD under equivalent feature engineering.

[0072] Table 6 Comparison with existing research on NSL-KDD

[0073] Experimental results show that traditional models such as XGBoost, RF, and SVM experienced a severe performance decline when faced with novel attacks not seen in the training set, with accuracy and recall falling to 74%–77% and 58%–62%, respectively, indicating severe overfitting to known attacks. However, under the same stringent testing conditions, CS-CBML maintained an accuracy of 88.54%, a precision of 93.97%, and an F1 score of 89.45%. This performance not only significantly outperformed most traditional algorithms (whose accuracy was generally between 73% and 80%), but also placed it in the same tier as the cutting-edge transfer learning framework TL-NID, specifically optimized for this dataset, and even slightly surpassed it in precision. In conclusion, the CS-CBML model demonstrated excellent feature extraction capabilities and robust generalization in various complex network environments and zero-day attack scenarios.

[0074] (3) Mechanism exploration: To address the issues of "slow cold start" and "long convergence time" in traditional deep reinforcement learning algorithms for network intrusion detection, this invention abandons the massive deep neural network in the framework decision center and instead introduces a lightweight LinUCB agent. Figure 4 The effectiveness of this design is verified using the dynamic reward evolution on the CIC-IDS2017 dataset as an example. Figure 4 The trend shows that the red moving average curve rises rapidly in the first few hundred steps. This phenomenon indicates that, thanks to the high information density feature vectors extracted by the MI-RFECV hybrid pipeline in the previous stage, the agent can be free from redundant noise interference and quickly establish the decision mapping relationship between each heterogeneous base classifier and the specific traffic scenario with a low sample trial and error cost.

[0075] After overcoming the initial rapid learning phase, the average reward curve stabilizes in a high positive return range, and no long-tail oscillations, common in traditional reinforcement learning, are observed in subsequent continuous online evaluations. From an algorithmic mechanism perspective, this indicates that the covariance matrix and bias vector corresponding to each base classifier have fully absorbed environmental information and tend to converge. In this state, the confidence weights used to encourage exploration in the LinUCB scoring formula naturally decay, prompting the system to smoothly transition to a scheduling mode that primarily utilizes known optimal policies. These results demonstrate that the CS-CBML framework proposed in this invention has the potential for agile deployment and real-time response in real-world high-concurrency network environments.

[0076] Once an existing IDS model is trained, its trade-off between false positives and false negatives is fixed. However, the real industrial cybersecurity environment is dynamic: enterprises sometimes face scenarios requiring extremely high business continuity, such as the "Double 11" promotion, and at other times they are in a "zero-tolerance" red team / blue team exercise to defend against advanced persistent threats.

[0077] To verify whether the CS-CBML framework has the policy flexibility of "no retraining and hot switching", this invention designed three asymmetric penalty strategies that map real security requirements on the UNSW-NB15 dataset: V1 (balanced protection), V2 (business priority: extremely high false positive penalty) and V3 (zero tolerance penetration prevention: extremely high false negative penalty). The specific reward strategies are shown in Table 7.

[0078] The cost matrix design of the three strategies follows domain prior knowledge in intrusion detection, namely that the harm of false negatives (FN) is generally higher than that of false positives (FP), but the specific preference needs to be dynamically adjusted according to actual security needs. Strategy V1 serves as the baseline equilibrium strategy, setting the FN penalty higher than the FP penalty, reflecting the basic principle that the cost of false negatives is higher, and is used to provide a comparative baseline. Strategy V2 is geared towards scenarios prioritizing business continuity, significantly increasing the FP penalty to make it close to or even exceed the FN penalty, forcing the model to conservatively trigger alarms, in order to minimize the interference of false positives on normal business. Strategy V3 is geared towards high-security scenarios, significantly increasing the FN penalty and decreasing the FP penalty, causing the model to prioritize covering potential attacks, i.e., pursuing an extremely low false negative rate. By adjusting the relative ratio of FP to FN penalties, the three strategies achieve a continuous shift of the decision boundary between the two extremes of "false positive priority" and "false negative priority".

[0079] Table 7 Reward Function Strategy Table

[0080] To comprehensively evaluate the system's global defense effectiveness under three heterogeneous strategies, this invention designed a comparative experiment based on the confusion matrix, examining the detection results under the baseline balanced strategy (V1), the strategy with strict control over false positives (V2), and the strategy with strict control over false negatives (V3). The experimental results are as follows: Figure 5-7 As shown.

[0081] Using V1 (baseline equilibrium strategy, FN=140, FP=2498) as a reference: When the system loads the V2 (strictly control false positives) strategy, the LinUCB agent actively adjusts the decision boundary towards the conservative side based on the increased false positive penalty weight. In this mode, the framework of this invention reduces the number of false positives to the lowest of 2445, effectively suppressing alarm fatigue with a small recall rate loss (false negatives rise to 222), ensuring business continuity in high-concurrency scenarios. Conversely, when the system switches to the V3 (strictly control false negatives) strategy, driven by both extreme false negative penalties and high interception rewards (TP=120), the agent exhibits an aggressive defensive tendency. In a total of over 30,000 attack samples, the system only generated 60 false negatives (a 57% reduction compared to V1). Although the number of false positives reasonably increased to 2801, this strategy significantly enhanced the interception capability against high-risk penetration attacks, providing higher security protection for core assets.

[0082] To reveal the underlying scheduling behavior of the system, this invention statistically analyzed the dynamic call frequency distribution of the LinUCB agent to four heterogeneous base classifiers (arms) under three strategies. The statistical results are as follows: Figure 8 As shown.

[0083] Under V1 (equilibrium state), the agent, guided by maximizing overall accuracy, allocates approximately 70% of its decision weights to the highest-performing individual algorithms, Random Forest (RF, 34.58%) and XGBoost (34.39%), while significantly suppressing the use of the weaker SVM (only 1.72%). The shift in the cost matrix alters this static preference. Faced with the high false positive penalty under the V2 strategy, the agent proactively reduces the use of the false positive-prone XGBoost (from 34.39% to 22.86%), instead increasing the use of the previously marginalized SVM in specific contexts (to 34.43%). This result reveals that the agent autonomously recognizes during interactions that utilizing the relatively conservative decision boundaries of SVM increases the probability of obtaining the high reward for correctly allowing normal traffic (TN), thus avoiding false positive penalties. Under the V3 (strictly controlling false negatives) strategy, to pursue a higher threat interception rate, the system proactively shrinks the exploration space of reinforcement learning, avoiding entrusting uncertain high-risk traffic to weaker models. The agent concentrates 61.63% of its decision weights on the most robust random forest (RF), exhibiting a highly centralized defense posture. These results demonstrate that the CS-CBML framework proposed in this invention can adaptively allocate resources according to business needs, possessing the capability of an intelligent defense hub.

[0084] (4) Ablation experiment: To verify the core and irreplaceable role of the reinforcement learning agent in the entire cascaded architecture, this section designs an ablation experiment that removes the agent module. In the baseline configuration without LinUCB, the system degenerates into a traditional static ensemble model (i.e., directly concatenating the output features of heterogeneous base classifiers and feeding them into the meta-learner, stripping away the dynamic context evaluation and soft calibration mechanisms).

[0085] like Figure 9 As shown in the blind test confusion matrix, the static baseline model without LinUCB achieved an extremely low false negative rate (FN=59) on the test set. However, this high recall rate is extremely distorted, at the cost of producing the highest number of false positives (FP=2803), even higher than the most aggressive single-unit RF and XGBoost models. This phenomenon reveals that traditional static integration, lacking cost awareness and dynamic constraints, exhibits an extremely aggressive tendency of "high recall, high false positives." In real industrial network environments, this will cause extremely serious "alarm fatigue," leading to a significant paralysis of the availability of security operations and maintenance systems, making it impossible to quickly adapt to the needs of the new environment when business environment requirements change.

[0086] The introduction of LinUCB effectively alleviates the aforementioned problems. Experimental results show that the value of LinUCB lies not only in the improvement of multiple performance indicators, but also in its ability to provide the system with a dynamically optimizable control center. When the system embeds LinUCB and is configured with the V1 (Balanced Protection) strategy, the agent keenly detects the oversensitivity of the underlying tree model at fuzzy boundaries through higher-order features. Through soft calibration using LinUCB exploration and asymmetric penalty terms, this framework successfully reduced the number of false alarms from 2803 to 2498 while maintaining extremely high security. Administrators can quickly adapt to new environments by adjusting the strategy.

[0087] Finally, it should be noted that the above embodiments are only used to illustrate the technical solutions of the present invention and not to limit them. Although the present invention has been described in detail with reference to preferred embodiments, those skilled in the art should understand that modifications or equivalent substitutions can still be made to the technical solutions of the present invention, and these modifications or equivalent substitutions cannot cause the modified technical solutions to deviate from the spirit and scope of the technical solutions of the present invention.

Claims

1. A network intrusion detection method based on contextual LinUCB, characterized in that, Includes the following steps: Step 100: The raw network traffic is input into the feature engineering layer for preprocessing, and the output is an environment context vector; the processing flow of the feature engineering layer includes outlier limiting and robust scaling, as well as two-stage hybrid feature selection based on MI-RFECV. Step 200: Input the environment context vector into the trained heterogeneous base classifier pool. Each base classifier outputs its corresponding prediction result, and the results are concatenated to obtain a set of prediction results. Step 300: Input the environmental context vector into the trained LinUCB agent that uses an asymmetric cost-sensitive reward matrix for reward calculation, output the confidence scores corresponding to each base classifier and concatenate them to obtain a set of confidence scores. Step 400: The prediction result set and the confidence score set are horizontally concatenated to generate a higher-order augmented feature vector. The higher-order augmented feature vector is input into the trained meta-learner, which outputs the continuous probability that the current network traffic is an attack. The continuous probability is converted into a classification label according to the optimal candidate threshold, and the network intrusion detection result is output.

2. The network intrusion detection method based on contextual LinUCB according to claim 1, characterized in that, In step 100, outlier limiting and robust scaling include the following steps: Step 101: Truncate the data by calculating the finite boundary values ​​of each feature dimension, and repair missing records using the median interpolation method; Step 102: Based on the interquartile range, outliers that exceed the set range are forcibly pulled back to the critical threshold. Step 103: The features are dimensionless using the pre-fitted median and interquartile range to obtain a preprocessed feature subset.

3. The network intrusion detection method based on contextual LinUCB according to claim 2, characterized in that, In step 100, the two-stage hybrid feature selection method based on MI-RFECV includes: Phase 1: Calculate the mutual information score between each feature in the preprocessed feature subset and the target label; set a hard threshold to filter out redundant features with mutual information scores lower than the hard threshold, and obtain a high-scoring feature subset; Phase 2: Step 104, initialize the iterative feature subset as the high-scoring feature subset; Step 105: Train a random forest model on the iterative feature subset and obtain the importance score of each feature in the iterative feature subset from the random forest model; Step 106: Sort the features of the iterative feature subset in descending order of importance score, and remove the bottom 5% of features by importance score to obtain the updated iterative feature subset; Step 107: Perform k-fold cross-validation on the updated iterative feature subset, calculate the average classification accuracy, and record the cross-validation score corresponding to the iterative feature subset. Step 108: When the cross-validation score reaches its peak and the feature dimension is reduced to its simplest form, the iteration stops and the context vector is output; otherwise, steps 105-108 are repeated.

4. The network intrusion detection method based on contextual LinUCB according to claim 3, characterized in that, In step 200, the heterogeneous base classifier pool includes at least two base classifiers, which are models constructed based on different machine learning algorithms.

5. A network intrusion detection method based on contextual LinUCB according to claim 4, characterized in that, In step 300, the step of inputting the environmental context vector into the trained LinUCB agent that uses an asymmetric cost-sensitive reward matrix for reward calculation, and outputting the confidence scores corresponding to each base classifier includes: Step 301: For base classifier a in the heterogeneous base classifier pool, read the covariance matrix and bias vector corresponding to base classifier a. The covariance matrix and bias vector are obtained after being updated by the asymmetric cost-sensitive reward matrix during the training phase of the LinUCB agent. Step 302, calculate the weight vector of the base classifier a, using the following formula: ; in, Let a be the weight vector of the base classifier a. Let be the covariance matrix of the base classifier a. is the bias vector of the base classifier a; Step 303: Calculate the expected reward based on the environmental context vector and weight vector. The calculation formula is as follows: ; in The expected reward of base classifier a, Let be the environment context vector at time t. For transpose; Step 304: Introduce the exploration intensity coefficient and calculate the confidence score of the base classifier a. The calculation formula is as follows: ; in, Let be the confidence score of the base classifier a at time t. To explore the strength coefficient; Step 305: Repeat steps 301 to 304 until the confidence scores of all base classifiers are obtained.

6. The network intrusion detection method based on contextual LinUCB according to claim 5, characterized in that, In step 300, the training process of the LinUCB agent is as follows: Step A: For base classifier a in the heterogeneous base classifier pool, initialize its corresponding covariance matrix and bias vector; Step B: Obtain the environment context vector and its corresponding real label; Step C: For each base classifier, calculate the confidence score and select the base classifier with the highest confidence score as the optimal base classifier; Step D, call the optimal base classifier for prediction: input the environmental context vector into the selected optimal base classifier to obtain the predicted label output by the optimal base classifier; Step E: Calculate the reward value based on the true and predicted labels of the environmental context vector and the preset asymmetric cost-sensitive reward matrix; Step F: Based on the optimal base classifier, the current environmental context vector, and the calculated reward value, update the covariance matrix and bias vector of the optimal base classifier according to the following formula: ; ; in, For the optimal base classifier The covariance matrix, For the optimal base classifier The bias vector, The optimal base classifier at time t The reward value; Step G: Repeat steps B to F until all training samples have been traversed or the preset termination condition has been reached, and the trained LinUCB agent is obtained.

7. A network intrusion detection method based on contextual LinUCB according to claim 6, characterized in that, In step 300, the asymmetric cost-sensitive reward matrix is ​​configured as follows: When both the true label and the predicted label are attack, the reward value is a positive true positive reward value. When both the true label and the predicted label are normal, the reward value is a positive true negative reward value. When the true label is normal and the predicted label is attack, the reward value is a negative false positive penalty value; When the true label is "attack" and the predicted label is "normal", the reward value is a negative false negative penalty value.

8. A network intrusion detection method based on contextual LinUCB according to claim 7, characterized in that, In step 400, the higher-order augmented feature vector is input into the trained meta-learner, and the formula for calculating the continuous probability that the current network traffic is an attack is as follows: ; in, For higher-order augmented feature vectors, This is the logistic regression weight matrix. For logistic regression bias, It is an exponential function. Let t be the continuous probability that the true label of the network traffic at time t is an attack.

9. A network intrusion detection method based on contextual LinUCB according to claim 8, characterized in that, In step 400, the method for determining the optimal candidate threshold is as follows: traverse the candidate thresholds in the interval [0, 1] on an independent preset verification set, and select the candidate threshold that makes the preset performance evaluation index reach its maximum value as the optimal candidate threshold.