Detection of Novel Cyberattacks Using Multi-Binary Classifiers

Intrusion Detection Systems (IDSs) are an essential part of modern-day cybersecurity defenses, enabling the detection of potential malicious activities within network and computer systems. Although multiple techniques have been employed to implement IDSs, supervised machine learning approaches have historically proven particularly effective due to their capacity to leverage large amounts of data and maintain a generally low false alarm rate. However, a significant limitation of these approaches is their inability to detect novel threats, such as zero-day attacks, that were not present in the training data. In this study, we introduce a novel supervised approach based on binary classifiers that can detect these previously unseen attacks while also maintaining a high detection rate and low false alarm rate through the use of a filtering mechanism. We empirically demonstrate the effectiveness of our proposed technique on multiple intrusion detection datasets, showing that it is able to detect unseen attacks and perform multiclass classification while outperforming traditional supervised methods.