ABSTRACT

XGBoost is a recent machine learning method that has been attracting increasing attention. Its performance won it Kaggle's Higgs Machine Learning Challenge, among several other Kaggle competitions. In this chapter, we explore the use of XGBoost in the context of anomaly-based network intrusion detection, an area in which there is a considerable gap. We study not only the performance of XGBoost with two recent datasets, but also how to optimize its performance and model parameter choice. We also provide insights into which dataset features are the best for performance tuning.