Intrusion Detection System (IDS) examine large quantity of data with the intent to find malicious event among them. A misclassification of what is examine can lead to a higher rate false positive or false negative, thus any model built for the task must be as accurate as possible. The purpose of this study was observe how applying ensemble method can affect the performance of a classifier. We worked with: Adaptive Boosting (AdaBoost) and Banging Classifier as ensembles on different classifiers, namely: Naïve Bayes and Decision Tree (CART).
Algorithm were trained and test on the NSL-KDD dataset and the F-score, precision and recall were taken as base metric to evaluate how well algorithms performed.
We notice that while ensemble method in fact improve the performance of week classifier, this sometimes comes with little cost. When looking at multiple metrics for improvement, one metric might get improved while the other one decreases.