Rohit Kumar
Independent Researcher
India
Abstract
Intrusion detection systems (IDS) using decision tree algorithms offer a balance between detection accuracy and computational efficiency in engineering networks. This manuscript presents a comprehensive study of IDS design and evaluation, focusing on decision tree classifiers available up to 2013. We develop an experimental framework using a labeled dataset of network traffic, extract statistical features such as packet size, duration, and protocol type, and apply decision tree induction methods (C4.5, CART) to classify normal versus intrusive behavior. A methodology combining feature selection, cross‐validation, and confusion‐matrix metrics is detailed. Statistical analysis illustrates classifier performance under varying training proportions, and simulation experiments in a network simulator emulate attack scenarios (DoS, probing, U2R). Results indicate that properly pruned decision trees achieve detection rates above 93 % with false‐positive rates below 6 %. Five research objectives guide the study. Conclusions discuss trade‐offs and recommend deployment guidelines.
Keywords
Intrusion Detection, Decision Tree, C4.5, CART, Network Security, Feature Selection, Simulation, Detection Rate, False Positive Rate, Cross‐Validation
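The evaluation loop the abstract describes (tree induction on packet size, duration and protocol type, cross-validation, confusion-matrix metrics) can be sketched as follows. This is an added example, not the paper's code or data: the flows are constructed, the tree is a minimal CART-style Gini splitter, and a depth limit stands in for pruning as a simplifying assumption, so the rates it produces are not the paper's results.

```python
# Added example, not the paper's code: Gini tree, 5-fold CV, detection rate and FPR.
from collections import Counter

def gini(ys):
    return 1.0 - sum((c / len(ys)) ** 2 for c in Counter(ys).values())

def best_split(rows, ys):
    best = None                                        # (weighted Gini, feature, threshold)
    for f in range(len(rows[0])):
        vals = sorted({r[f] for r in rows})
        for t in ((a + b) / 2 for a, b in zip(vals, vals[1:])):   # midpoints
            parts = [[y for r, y in zip(rows, ys) if (r[f] <= t) == s] for s in (True, False)]
            score = sum(len(p) * gini(p) for p in parts) / len(ys)
            if best is None or score < best[0]:
                best = (score, f, t)
    return best

def build(rows, ys, max_depth, depth=0):
    split = best_split(rows, ys) if depth < max_depth and gini(ys) > 0 else None
    if split is None:
        return Counter(ys).most_common(1)[0][0]        # leaf: majority class
    _, f, t = split
    side = lambda keep: zip(*[(r, y) for r, y in zip(rows, ys) if (r[f] <= t) == keep])
    return (f, t, build(*side(True), max_depth, depth + 1),
            build(*side(False), max_depth, depth + 1))

def predict(tree, row):
    while isinstance(tree, tuple):                     # node: (feature, threshold, left, right)
        tree = tree[2] if row[tree[0]] <= tree[1] else tree[3]
    return tree

def rates(truth, preds):                               # label 1 = intrusive
    cm = Counter(zip(truth, preds))                    # cells keyed (actual, predicted)
    return cm[1, 1] / (cm[1, 1] + cm[1, 0]), cm[0, 1] / (cm[0, 1] + cm[0, 0])

def cross_validate(rows, ys, max_depth, k=5):
    truth, preds = [], []
    for fold in range(k):
        tr = [i for i in range(len(rows)) if i % k != fold]
        tree = build([rows[i] for i in tr], [ys[i] for i in tr], max_depth)
        truth += [ys[i] for i in range(fold, len(rows), k)]
        preds += [predict(tree, rows[i]) for i in range(fold, len(rows), k)]
    return rates(truth, preds)                         # (detection rate, false-positive rate)

def sample_flows():                                    # constructed flows, not real traffic
    kinds = [(j // 4, j % 4) for j in range(80)]       # kind 1: DoS-like, 3: probe-like
    rows = [(60 if k == 1 else (600, 900, 1200)[g % 3],   # packet size (bytes)
             0.05 if k == 3 else 2.0 + g % 4,          # duration (s)
             (6, 17)[g % 2]) for g, k in kinds]        # protocol number (TCP/UDP)
    return rows, [int(k in (1, 3)) for _, k in kinds]
```

On this constructed data, `cross_validate(*sample_flows(), max_depth=1)` reports a 0 % false-positive rate while detecting only half of the intrusive flows, and `max_depth=2` detects all of them, which is why the false-positive rate alone says little about whether a tree has been cut back too far.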