A Multiple Model Cost-Sensitive Approach for Intrusion Detection

Fan, Wei; Lee, Wenke; Stolfo, Salvatore J.; Miller, Matthew

doi:10.1007/3-540-45164-1_15

A Multiple Model Cost-Sensitive Approach for Intrusion Detection

Wei Fan, Wenke Lee, Salvatore J. Stolfo, Matthew Miller

ECML-PKDD 2000 pp. 142-153

doi:10.1007/3-540-45164-1_15 /ecmlpkdd/2000/fan2000ecml-multiple/

Abstract

Intrusion detection systems (IDSs) need to maximize security while minimizing costs. In this paper, we study the problem of building cost-sensitive intrusion detection models to be used for real-time detection. We briefly discuss the major cost factors in IDS, including consequential and operational costs. We propose a multiple model cost-sensitive machine learning technique to produce models that are optimized for user-defined cost metrics. Empirical experiments in offline analysis show a reduction of approximately 97% in operational cost over a single model approach, and a reduction of approximately 30% in consequential cost over a pure accuracy-based approach.

PDF ECML-PKDD Semantic Scholar

Cite

Text

Fan et al. "A Multiple Model Cost-Sensitive Approach for Intrusion Detection." European Conference on Machine Learning, 2000. doi:10.1007/3-540-45164-1_15

Markdown

[Fan et al. "A Multiple Model Cost-Sensitive Approach for Intrusion Detection." European Conference on Machine Learning, 2000.](https://mlanthology.org/ecmlpkdd/2000/fan2000ecml-multiple/) doi:10.1007/3-540-45164-1_15

BibTeX

@inproceedings{fan2000ecml-multiple,
  title     = {{A Multiple Model Cost-Sensitive Approach for Intrusion Detection}},
  author    = {Fan, Wei and Lee, Wenke and Stolfo, Salvatore J. and Miller, Matthew},
  booktitle = {European Conference on Machine Learning},
  year      = {2000},
  pages     = {142-153},
  doi       = {10.1007/3-540-45164-1_15},
  url       = {https://mlanthology.org/ecmlpkdd/2000/fan2000ecml-multiple/}
}