| With the fast development of the computer network technology, the security problem becomes more and more important.However, the traditional firewall technology is unable to defense computer network attack enough. Intrusion detection system plays an important role for firewall. The intrusion detection algorithm that is as basic of intrusion detection system, is more important nowadays. Based on the analysis and comparison of various detection algorithms,we found The decision tree has advantages of simple structure, well understanding, high precision and no Parameters, so this dissertation applied the decision tree to attaek detection.But the decision tree itself also has some shortcomings.The classic decision tree algorithm is only based on information, to make it better for intrusion detection. In view of this, this paper presents a decision tree with combining attributes associated intrusion detection algorithm, and then propose a comprehensive strategy for the pruning algorithm to avoid overfitting of the test results. And Intrusion Detection used KDD CUP99data set to experiment and analyze the experimental results to show that the classification algorithm in the detection rate and false detection rates has been significantly improved than the the original decision tree classification Which is only based on information gain, and in the context of comprehensive strategy pruning algorithm found in the intrusion detection algorithm performance has been further improved. By the test of algorithm in the face of unknown attacks, the algorithm not only making good judgments in the face of the known attacks, but also in the face of the unknown attack detection. |
PDF Full Text Request