The goal of host-based intrusion detection is to detect attacks
against a single information system. Many host-based intrusion
detector systems - especially those that use anomaly detection - use training data to synthesize detectors automatically, that is, the detectors are classifiers created by machine learning. Regularization, which often improves the performance of machine learning algorithms, has not previously been applied to intrusion detector synthesis.
This paper discusses regularization for machine learning-based
intrusion detectors, showing how regularization can be accomplished
for such systems and providing the results of an empirical evaluation.