Intrusion Detection Using Cost-Sensitive Classification
Aikaterini Mitrokotsa, Christos Dimitrakakis, Christos, Douligeris
TL;DR
This paper explores the application of cost-sensitive classification techniques to intrusion detection systems, aiming to reduce false alarms and improve attack detection by considering different misclassification costs.
Contribution
It introduces the use of cost-sensitive classification methods in intrusion detection and evaluates their effectiveness across various conditions and models.
Findings
Cost-sensitive methods can significantly improve detection performance.
Even under unfavorable conditions, performance gains are noticeable.
The approach reduces false alarms while maintaining detection rates.
Abstract
Intrusion Detection is an invaluable part of computer networks defense. An important consideration is the fact that raising false alarms carries a significantly lower cost than not detecting at- tacks. For this reason, we examine how cost-sensitive classification methods can be used in Intrusion Detection systems. The performance of the approach is evaluated under different experimental conditions, cost matrices and different classification models, in terms of expected cost, as well as detection and false alarm rates. We find that even under unfavourable conditions, cost-sensitive classification can improve performance significantly, if only slightly.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsNetwork Security and Intrusion Detection · Advanced Malware Detection Techniques · Anomaly Detection Techniques and Applications