Applyment And Research Of A Intrusion Detection System Based On Decision Tree Arithmetic

With the fast development of the computer network technology, the security problem becomes more and more important. However, the traditional firewall technology is unable to defense computer network attack enough. Intrusion detection system plays an important role for firewall. The pattern matching technology has obvious disadvantages of time and space efficiency in complex computer network systems and under being endless attacked situation E.G. it has the problem of low efficiency and high false alarm rate. In order to solve these problems, an idea of using decision tree to realize intrusion detection system is put forward in this article. Using the information gain-ratio as the selection criteria, the process of intrusion detection is realized by traversing the decision tree. Finally, the system has the higher detection efficiency and detection accuracy.This article include these main contents:The research work was done on the network intrusion detection technology, according to Intrusion Detection different classification criteria, description of the misuse detection, the anomaly detection, the network-based detection and the host-based detection technology. Analyzes the data packet-interception technology, description of Berkeley packet filter mechanism. Do some research in the API function library LIBPCAP of data packet-interception, which are written by Lorentz Berkeley National Laboratory. Then data mining algorithms and network packet capture method are discussed; How to choose decision tree algorithm is described, including the algorithmic classification of decision tree, the workflow of decision tree algorithm, and the detection process using the decision tree. In the method, we exploit the advantages of Data Mining Techniques to extracts characteristics and rules from data, use network data to capture and use preconditioning techniques and data mining decision tree algorithm combination.Intrusion Decision System based on the decision tree classification arithmetic is put forward; The architecture of the Intrusion Detection System based on the decision tree classification arithmetic is pictured in finally. And given the data acquisition and preprocessing method. Tested the detection efficacity, the detection accuracy of the system, then, the experiments prove that the system has the higher detection efficiency and detection accuracy.