Abstract
With the rapid development of the internet, the increasing amount of malicious traffic poses a significant challenge to the network security of critical infrastructures, including power monitoring systems. As the core part of the power grid operation, the network security of power monitoring systems directly affects the stability of the power system and the safety of electricity supply. Nowadays, network attacks are complex and diverse, and traditional rule-based detection methods are no longer adequate. With the advancement of machine learning technologies, researchers have introduced them into the field of traffic detection to address this issue. Current malicious traffic detection methods mostly rely on single machine learning models, which face problems such as poor generalization, low detection accuracy, and instability. To solve these issues, this paper proposes a malicious traffic detection method based on multi-model fusion, using the stacking strategy to integrate models. Compared to single models, stacking enhances the model's generalization and stability, improving detection accuracy. Experimental results show that the accuracy of the stacking model on the NSL-KDD test set is 96.5%, with an F1 score of 96.6% and a false-positive rate of 1.8%, demonstrating a significant improvement over single models and validating the advantages of multi-model fusion in malicious traffic detection.