Effective network intrusion detection techniques are required to thwart evolving cybersecurity threats. Historically, traditional enterprise networks have been researched extensively in this regard. However, the cyber threat landscape has grown to include wireless networks. In this article, the authors present a novel model that can be trained on completely different feature sets and applied to two distinct intrusion detection applications: traditional enterprise networks and 802.11 wireless networks. This is the first method that demonstrates superior performance in both aforementioned applications. The model is based on a one-versus-all binary framework comprising multiple nested sub-ensembles. To provide good generalization ability, each sub-ensemble contains a collection of sub-learners, and only a portion of the sub-learners implement boosting. A class weight based on the sensitivity metric (true-positive rate), learned from the training data only, is assigned to the sub-ensembles of each class. The use of pruning to remove sub-learners that do not contribute to or have an adverse effect on overall system performance is investigated as well. The results demonstrate that the proposed system can achieve exceptional performance in applications to both traditional enterprise intrusion detection and 802.11 wireless intrusion detection.
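The sensitivity-based class weighting described in the abstract can be sketched as follows. This is an added example, not the authors' code: the threshold-stump sub-learners, the rule of multiplying each sub-ensemble's score by its weight, and the flow features and labels are assumptions made for illustration, and boosting and pruning are left out.

```python
# Added illustration, not the paper's implementation. All names are hypothetical.
from statistics import mean

# Constructed training flows: [packets_per_second, distinct_ports_contacted]
X = [[10, 2], [12, 3], [8, 1], [11, 2],          # normal
     [900, 1], [950, 2], [870, 1],               # dos
     [30, 80], [25, 95], [40, 70], [9, 20]]      # probe (last one is stealthy)
Y = ["normal"] * 4 + ["dos"] * 3 + ["probe"] * 4

def fit_stump(X, y, cls, f):
    """One sub-learner: midpoint threshold on feature f, cls versus the rest."""
    pos = mean(x[f] for x, l in zip(X, y) if l == cls)
    neg = mean(x[f] for x, l in zip(X, y) if l != cls)
    thr, sign = (pos + neg) / 2, (1 if pos >= neg else -1)
    return lambda x: 1 if sign * (x[f] - thr) > 0 else 0

def fit_sub_ensemble(X, y, cls):
    """One-versus-all sub-ensemble: one stump per feature, votes averaged."""
    stumps = [fit_stump(X, y, cls, f) for f in range(len(X[0]))]
    return lambda x: mean(s(x) for s in stumps)

def sensitivity(score, X, y, cls):
    """True-positive rate of a sub-ensemble, measured on training data only."""
    hits = [score(x) > 0.5 for x, l in zip(X, y) if l == cls]
    return sum(hits) / len(hits)

def fit(X, y):
    """Return {class: (score_fn, class_weight)} with weight = sensitivity."""
    model = {}
    for cls in sorted(set(y)):
        score = fit_sub_ensemble(X, y, cls)
        model[cls] = (score, sensitivity(score, X, y, cls))
    return model

def weighted_scores(model, x):
    """Each class's sub-ensemble score scaled by its class weight."""
    return {c: w * score(x) for c, (score, w) in model.items()}

def predict(model, x):
    scores = weighted_scores(model, x)
    return max(scores, key=scores.get)

if __name__ == "__main__":
    m = fit(X, Y)
    print({c: w for c, (_, w) in m.items()})
    print(weighted_scores(m, [20, 30]), predict(m, [20, 30]))
```

The stealthy probe sample is missed by its own sub-ensemble during training, so the probe class gets a weight of 0.75, and an ambiguous flow that scores equally for normal and probe resolves toward the class whose sub-ensemble was more reliable.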