Academic Commons

Articles

A Multiple Model Cost-Sensitive Approach for Intrusion Detection

Fan, Wei; Lee, Wenke; Stolfo, Salvatore; Miller, Matthew

Intrusion detection systems (IDSs) need to maximize security while minimizing costs. In this paper, we study the problem of building cost-sensitive intrusion detection models to be used for real-time detection. We briefly discuss the major cost factors in IDS, including consequential and operational costs. We propose a multiple model cost-sensitive machine learning technique to produce models that are optimized for user-defined cost metrics. Empirical experiments in off-line analysis show a reduction of approximately 97% in operational cost over a single model approach, and a reduction of approximately 30% in consequential cost over a pure accuracy-based approach.

More About This Work

Academic Units: Computer Science

Published Here: May 3, 2010

Notes

Machine learning: ECML 2000: 11th European Conference on Machine Learning: Barcelona, Catalonia, Spain, May 31-June 2, 2000: proceedings, Lecture Notes in Computer Science, vol. 1810 (Berlin: Springer, 2000), pp. 142-154.
