The network intrusion problem has received more attention during the past few years due to the increase in company network usage. Many network intrusion systems have been proposed that incorporate various classifiers to identify malicious packets among all regular network packets using past history. The decision tree algorithm is one of the popular adapted classifiers. It uses the training records to build a decision tree model, selecting at each node the split on a single attribute, among all candidate attributes, that best classifies the training records. To facilitate a combination of attributes, the decision tree must apply a finite number of branches, which may generate a tall tree. Attributes may be related in a more complex way, so that they need to be used simultaneously for branching. This paper proposes a new decision tree algorithm that uses multiple attributes to construct a core vector generated from the two farthest records. The algorithm then recursively partitions the dataset along this core vector using vector projection. The best split along this core vector is identified based on the information gain. Our results show an improvement on the network intrusion problem from UCI over the regular decision tree algorithm.
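The single split step described above (core vector from the two farthest records, projection, best threshold by information gain) can be sketched as follows; this is an added example, not the paper's code, and it shows one node only, without the recursion. Assumptions not stated in the abstract: Euclidean distance, a brute-force farthest-pair search, thresholds at midpoints between consecutive projections, hypothetical function names, and constructed sample records.

```python
import math
from collections import Counter
from itertools import combinations

def entropy(labels):
    n = len(labels)
    return -sum(c / n * math.log2(c / n) for c in Counter(labels).values())

def split_on_values(t, y):
    """Best (gain, threshold) over midpoints of consecutive distinct values of t."""
    order = sorted(range(len(t)), key=lambda i: t[i])
    base, best = entropy(y), (0.0, None)
    for k in range(1, len(order)):
        lo, hi = t[order[k - 1]], t[order[k]]
        if lo == hi:
            continue  # no threshold can separate equal values
        left = [y[i] for i in order[:k]]
        right = [y[i] for i in order[k:]]
        rest = (len(left) * entropy(left) + len(right) * entropy(right)) / len(y)
        if base - rest > best[0]:
            best = (base - rest, (lo + hi) / 2)
    return best

def core_vector(X):
    """Origin and direction from the two farthest records (assumed: Euclidean, brute force)."""
    a, b = max(combinations(X, 2), key=lambda p: math.dist(*p))
    return a, [bi - ai for ai, bi in zip(a, b)]

def project(x, origin, direction):
    """Scalar position of x along the core vector: 0 at one end, 1 at the other."""
    dot = sum((xi - oi) * di for xi, oi, di in zip(x, origin, direction))
    return dot / sum(d * d for d in direction)

def core_vector_split(X, y):
    origin, direction = core_vector(X)
    return split_on_values([project(x, origin, direction) for x in X], y)

def best_axis_split(X, y):
    """Baseline: best single-attribute split, as a regular decision tree would pick."""
    cols = range(len(X[0]))
    return max((split_on_values([x[j] for x in X], y) for j in cols), key=lambda r: r[0])

# Constructed records (two numeric features); the label depends on both features jointly.
X = [(0, 0), (1, 3), (3, 1), (0, 4), (4, 0), (2, 4), (4, 2), (3, 3), (6, 6), (5, 1)]
y = ["normal"] * 5 + ["attack"] * 5

if __name__ == "__main__":
    print("core vector split:", core_vector_split(X, y))
    print("best axis split:  ", best_axis_split(X, y))
```

On these constructed records one cut along the core vector separates the two classes, while no single-attribute cut does.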