Improvement In Minority Attack Detection With Skewness In Network Traffic

The acceptability and usability of Intrusion Detection Systems get seriously affected with the data skewness in network traffic. A large number of false alarms mean a lot in terms of the acceptability of Intrusion Detection Systems. The reason for the increase in false alerts is that the normal traffic abound. Even with highly accurate Intrusion Detection Systems, the effective detection rate of the minority attack types will be unacceptably low and those attack types are often the most serious ones. Thus high accuracy is not necessarily an indicator of high model quality, and therein lies the accuracy paradox of predictive analytics. The cost of missing an attack is higher than the cost of false alarms. The lata-dependent sensor fusion architecture presented in this paper learns from the data and then appropriately gives weighting to the decisions of various Intrusion Detection Systems. The fusion enriches these weighted decisions to provide a single decision, which is better than those of the existing Intrusion Detection Systems. This method reduces the false positive rate and improves the overall detection rate and also the detection rate of minority class types in particular.