期刊名称:International Journal of Advanced Research in Computer Engineering & Technology (IJARCET)
印刷版ISSN:2278-1323
出版年度:2012
卷号:1
期号:5
页码:352-356
出版社:Shri Pannalal Research Institute of Technolgy
摘要:Intrusion detection technology exists a lot of problems, such as low performance, low intelligent level, high false alarm rate, high false negative rate and so on. There is a need to develop some robust decision tree in order to produce effective decision rules from the attacked data. In this paper, ID3 decision tree classification method is used to build an effective decision tree for intrusion detection, then convert the decision tree into rules and save them into the knowledge base of intrusion detection system. These rules are used to judge whether the new network behavior is normal or abnormal. Experiments show that: the detection accuracy rate of intrusion detection algorithm based on ID3 decision tree is over 97%, and the process of constructing rules is easy to understand, so it is an effective method for intrusion detection. This paper introduces the use of ID3 algorithm of decision tree and we use Havrda and Charvat Entropy instead of Shannon Entropy. This decision tree evaluates less false positive and true negative alarm rates compare to existing algorithms. This Decision Tree helps in taking the better decision to analyze the data.
关键词:ID3 algorithm; intrusion detection; data mining; decision tree
