I. Introduction
Intrusion Detection Systems (IDS) are instrumental for the protection of network and credential assets [1]. IDS can be broadly classified into two types based on their analysis behavior: NIDS and HIDS, the usefulness of which has been demonstrated via extensive research [2]. A NIDS is typically deployed at tactical points on a network to monitor network traffic from all network devices and to identify malicious ac-tivities and policy violations [3]. NIDS's decision-making en-gine can be rule/policy-based or machine/deep learning-based which is capable of mining patterns from massive amounts of network traffic to make precise decisions. On the other hand, a HIDS is deployed on servers and end devices. HIDS can be categorized as system log-based, system call-based, Windows registry-based, or file system-based, depending on the data source [4]. Both NIDS and HIDS have undergone substantial investigation, and a wide variety of models have been presented to reduce the model's bias and variance in order to increase the performance. Nonetheless, decomposing machine learning errors reveal that even the optimal machine learning models cannot get around data noise, and that every model will eventually approach its theoretical limit due to data noise [5]. Thus, we hypothesize that combining features and information from multiple domains is a viable approach for addressing this fundamental problem.