A Multiple Model Cost-Sensitive Approach for Intrusion Detection

Fan, Wei; Lee, Wenke; Stolfo, Salvatore; Miller, Matthew

Intrusion detection systems (IDSs) need to maximize security while minimizing costs. In this paper, we study the problem of building cost-sensitive intrusion detection models to be used for real-time detection. We briefly discuss the major cost factors in IDS, including consequential and operational costs. We propose a multiple model cost-sensitive machine learning technique to produce models that are optimized for user-defined cost metrics. Empirical experiments in off-line analysis show a reduction of approximately 97% in operational cost over a single model approach, and a reduction of approximately 30% in consequential cost over a pure accuracy-based approach.



More About This Work

Academic Units
Computer Science
Published Here
May 3, 2010


Machine learning: ECML 2000: 11th European Conference on Machine Learning: Barcelona, Catalonia, Spain, May 31-June 2, 2000: proceedings, Lecture Notes in Computer Science, vol. 1810 (Berlin: Springer, 2000), pp. 142-154.