A Multiple Model Cost-Sensitive Approach for Intrusion Detection
Intrusion detection systems (IDSs) need to maximize security while minimizing costs. In this paper, we study the problem of building cost-sensitive intrusion detection models to be used for real-time detection. We briefly discuss the major cost factors in IDS, including consequential and operational costs. We propose a multiple model cost-sensitive machine learning technique to produce models that are optimized for user-defined cost metrics. Empirical experiments in off-line analysis show a reduction of approximately 97% in operational cost over a single model approach, and a reduction of approximately 30% in consequential cost over a pure accuracy-based approach.
- cost-ecml00.pdf application/pdf 157 KB Download File
Also Published In
More About This Work
- Academic Units
- Computer Science
- Published Here
- May 3, 2010
Machine learning: ECML 2000: 11th European Conference on Machine Learning: Barcelona, Catalonia, Spain, May 31-June 2, 2000: proceedings, Lecture Notes in Computer Science, vol. 1810 (Berlin: Springer, 2000), pp. 142-154.