Cyber Security Threats Detection Using Ensemble Architecture
This paper describes an ensemble design for cyber security threats detection, which fuses the results from multiple classifiers together to make a final assessment decision. For promoting both speed and accuracy in the detection performance, only some of the features in traffic data are selected for each base classifier. In the kernel of each classifier, the authors combine Dempster-Shafer theory with k-nearest neighbor technique to solve the uncertainty problems caused by ambiguous and limited intrusion information. In addition, they apply data mining techniques to reduce the number of false alarms. The results indicate that their ensemble approach achieves higher detection rates than that of using a full feature set of classifiers.