Abstract
Intrusion Detection is an invaluable part of computer networks defense. An important consideration is the fact that raising false alarms carries a significantly lower cost than not detecting attacks. For this reason, we examine how cost-sensitive classification methods can be used in Intrusion Detection systems. The performance of the approach is evaluated under different experimental conditions, cost matrices and different classification models, in terms of expected cost, as well as detection and false alarm rates. We find that even under unfavourable conditions, cost-sensitive classification can improve performance significantly, if only slightly.
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
*Work done while Aikaterini Mitrokotsa was with the University of Piraeus.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
DeGroot MH (2004) Optimal Statistical Decisions. John Wiley & Sons, New York. 1970. Republished in 2004
Fan W, Lee W, Stolfo SJ, Miller M (2000) A multiple model cost-sensitive approach for intrusion detection. Proceedings of the 11th European conference on Machine Learning 2000 (ECML’00), Barcelona, Catalonia, Spain, Lecture Notes in Computer Science, vol. 1810, pp 142–153
Pietraszek P (2004) Using adaptive alert classification to reduce false positives in intrusion Detection. In: Proceedings of Recent Advances in Intrusion Detection 7th International Symposium (RAID’04), Sophia, Antipolis, France, Lecture Notes in Computer Science 3224, Springer, pp102–124
Domingos P (1999) MetaCost A general method for making classifiers cost-sensitive. In: Proceedings of the Fifth ACM SIGKDD Int’l conf. On Knowledge Discovery and Data Mining, San Diego, CA, pp 155–164
Ting K (1998) Inducing cost-sensitive trees via instance weighting. In: Proceedings of the Second European Symposium on Principles of Data Mining and Knowledge Discovery. vol 1510 of Lecture Notes in AI., Springer-Verlag, pp 137–147
Cohen WW (1995) Fast effective rule induction. In: Proceedings of the Twelfth International Conference on Machine Learning, Lake Taho, CA, Morgan Kaufmann, pp 115–123
KDD Cup 1999 Data (1999). Available from <http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html>
Elkan C (1999) Results of the KDD'99 Classifier Learning Contest. September, Available from < http://www-cse.ucsd.edu/users/elkan/clresults.html>
Efron B, Tibshirani RJ (1994) An Introduction to the Bootstrap. Monographs on Statistics & Applied Probability, vol. 57, Chapmann & Hall, New York, Nov, Pub.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer Science+Business Media, LLC
About this paper
Cite this paper
Mitrokotsa*, A., Dimitrakakis, C., Douligeris, C. (2009). Intrusion Detection Using Cost-Sensitive Classification. In: Siris, V., Anagnostakis, K., Ioannidis, S., Trimintzios, P. (eds) Proceedings of the 3rd European Conference on Computer Network Defense. Lecture Notes in Electrical Engineering, vol 30. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-85555-4_3
Download citation
DOI: https://doi.org/10.1007/978-0-387-85555-4_3
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-85554-7
Online ISBN: 978-0-387-85555-4
eBook Packages: EngineeringEngineering (R0)