Advertisement

Intrusion Detection Using Cost-Sensitive Classification

  • Aikaterini Mitrokotsa*
  • Christos Dimitrakakis
  • Christos Douligeris
Part of the Lecture Notes in Electrical Engineering book series (LNEE, volume 30)

Abstract

Intrusion Detection is an invaluable part of computer networks defense. An important consideration is the fact that raising false alarms carries a significantly lower cost than not detecting attacks. For this reason, we examine how cost-sensitive classification methods can be used in Intrusion Detection systems. The performance of the approach is evaluated under different experimental conditions, cost matrices and different classification models, in terms of expected cost, as well as detection and false alarm rates. We find that even under unfavourable conditions, cost-sensitive classification can improve performance significantly, if only slightly.

Keywords

False Alarm Gaussian Mixture Model Intrusion Detection Test Dataset Intrusion Detection System 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. [1]
    DeGroot MH (2004) Optimal Statistical Decisions. John Wiley & Sons, New York. 1970. Republished in 2004MATHCrossRefGoogle Scholar
  2. [2]
    Fan W, Lee W, Stolfo SJ, Miller M (2000) A multiple model cost-sensitive approach for intrusion detection. Proceedings of the 11th European conference on Machine Learning 2000 (ECML’00), Barcelona, Catalonia, Spain, Lecture Notes in Computer Science, vol. 1810, pp 142–153Google Scholar
  3. [3]
    Pietraszek P (2004) Using adaptive alert classification to reduce false positives in intrusion Detection. In: Proceedings of Recent Advances in Intrusion Detection 7th International Symposium (RAID’04), Sophia, Antipolis, France, Lecture Notes in Computer Science 3224, Springer, pp102–124Google Scholar
  4. [4]
    Domingos P (1999) MetaCost A general method for making classifiers cost-sensitive. In: Proceedings of the Fifth ACM SIGKDD Int’l conf. On Knowledge Discovery and Data Mining, San Diego, CA, pp 155–164Google Scholar
  5. [5]
    Ting K (1998) Inducing cost-sensitive trees via instance weighting. In: Proceedings of the Second European Symposium on Principles of Data Mining and Knowledge Discovery. vol 1510 of Lecture Notes in AI., Springer-Verlag, pp 137–147Google Scholar
  6. [6]
    Cohen WW (1995) Fast effective rule induction. In: Proceedings of the Twelfth International Conference on Machine Learning, Lake Taho, CA, Morgan Kaufmann, pp 115–123Google Scholar
  7. [7]
    KDD Cup 1999 Data (1999). Available from <http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html>
  8. [8]
    Elkan C (1999) Results of the KDD'99 Classifier Learning Contest. September, Available from < http://www-cse.ucsd.edu/users/elkan/clresults.html>
  9. [9]
    Efron B, Tibshirani RJ (1994) An Introduction to the Bootstrap. Monographs on Statistics & Applied Probability, vol. 57, Chapmann & Hall, New York, Nov, Pub.Google Scholar

Copyright information

© Springer Science+Business Media, LLC 2009

Authors and Affiliations

  • Aikaterini Mitrokotsa*
    • 1
  • Christos Dimitrakakis
    • 2
  • Christos Douligeris
    • 3
  1. 1.Vrije University AmsterdamNetherlands
  2. 2.University of LeobenLeobenAustria
  3. 3.University of PiraeusPiraeusGreece

Personalised recommendations