Cost-Sensitive Learning for Confidential Access Control

Abstract

It is common to control access to critical information based on the need-to-know principle; The requests for access are authorized only if the content of the requested information is relevant to the requester's project. We formulate such a dichotomous decision in a machine learning framework. Although the cost for misclassifying examples should be differentiated according to their importance, the best-performing error-minimizing classifiers do not have ways of incorporating the cost information into their learning processes. In order to handle the cost effectively, we apply two cost-sensitive learning methods to the problem of the confidential access control and compare their usefulness with those of error-minimizing classifiers. We devise a new metric for assigning cost to any datasets. From the comparison of the cost-sensitive classifiers with error-minimizing classifiers, we find that costing demonstrates the best performance in that it minimizes the cost for misclassifying the examples and the false positive using a relatively small amount of training data.