Sequential Binary Classification for Intrusion Detection
This addresses performance issues in ML-based intrusion detection systems for network security, but it is incremental as it builds on existing structural approaches.
The paper tackled class imbalance in network intrusion detection by proposing Sequential Binary Classification (SBC), a hierarchical cascade of binary classifiers, and demonstrated its viability on benchmark datasets.
Network Intrusion Detection Systems (IDS) have become increasingly important as networks become more vulnerable to new and sophisticated attacks. Machine Learning (ML)-based IDS are increasingly seen as the most effective approach to handle this issue. However, IDS datasets suffer from high class imbalance, which impacts the performance of standard ML models. Different from existing data-driven techniques to handling class imbalance, this paper explores a structural approach to handling class imbalance in multi-class classification (MCC) problems. The proposed approach - Sequential Binary Classification (SBC), is a hierarchical cascade of (regular) binary classifiers. Experiments on benchmark IDS datasets demonstrate that the structural approach to handling class-imbalance, as exemplified by SBC, is a viable approach to handling the issue.