Saved in:
Bibliographic Details
Main Authors: Lopez-Ledezma, Mateo, Velarde, Gissel
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2505.04204
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866918012540420096
author Lopez-Ledezma, Mateo
Velarde, Gissel
author_facet Lopez-Ledezma, Mateo
Velarde, Gissel
contents Cybersecurity has become essential worldwide and at all levels, concerning individuals, institutions, and governments. A basic principle in cybersecurity is to be always alert. Therefore, automation is imperative in processes where the volume of daily operations is large. Several cybersecurity applications can be addressed as binary classification problems, including anomaly detection, fraud detection, intrusion detection, spam detection, or malware detection. We present three experiments. In the first experiment, we evaluate single classifiers including Random Forests, Light Gradient Boosting Machine, eXtreme Gradient Boosting, Logistic Regression, Decision Tree, and Gradient Boosting Decision Tree. In the second experiment, we test different sampling techniques including over-sampling, under-sampling, Synthetic Minority Over-sampling Technique, and Self-Paced Ensembling. In the last experiment, we evaluate Self-Paced Ensembling and its number of base classifiers. We found that imbalance learning techniques had positive and negative effects, as reported in related studies. Thus, these techniques should be applied with caution. Besides, we found different best performers for each dataset. Therefore, we recommend testing single classifiers and imbalance learning techniques for each new dataset and application involving imbalanced datasets as is the case in several cyber security applications.
format Preprint
id arxiv_https___arxiv_org_abs_2505_04204
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle Cyber Security Data Science: Machine Learning Methods and their Performance on Imbalanced Datasets
Lopez-Ledezma, Mateo
Velarde, Gissel
Machine Learning
Cybersecurity has become essential worldwide and at all levels, concerning individuals, institutions, and governments. A basic principle in cybersecurity is to be always alert. Therefore, automation is imperative in processes where the volume of daily operations is large. Several cybersecurity applications can be addressed as binary classification problems, including anomaly detection, fraud detection, intrusion detection, spam detection, or malware detection. We present three experiments. In the first experiment, we evaluate single classifiers including Random Forests, Light Gradient Boosting Machine, eXtreme Gradient Boosting, Logistic Regression, Decision Tree, and Gradient Boosting Decision Tree. In the second experiment, we test different sampling techniques including over-sampling, under-sampling, Synthetic Minority Over-sampling Technique, and Self-Paced Ensembling. In the last experiment, we evaluate Self-Paced Ensembling and its number of base classifiers. We found that imbalance learning techniques had positive and negative effects, as reported in related studies. Thus, these techniques should be applied with caution. Besides, we found different best performers for each dataset. Therefore, we recommend testing single classifiers and imbalance learning techniques for each new dataset and application involving imbalanced datasets as is the case in several cyber security applications.
title Cyber Security Data Science: Machine Learning Methods and their Performance on Imbalanced Datasets
topic Machine Learning
url https://arxiv.org/abs/2505.04204