Intrusion Detection Using Improved Decision Tree Algorithm with Binary and Quad Split

  • Conference paper
Security in Computing and Communications (SSCC 2016)

Part of the book series: Communications in Computer and Information Science (CCIS, volume 625)

Abstract

Security is a major concern for all servers, including those of defence and government organisations. An intrusion detection system (IDS) scans a server's incoming data activity and attempts to detect attacks. Data mining based IDSs have shown good detection rates for normal traffic and DoS attacks, but do not perform well on Probe, U2R and R2L attacks.

The paper highlights the poor performance of the existing ID3 algorithm on Probe, R2L and U2R attacks. It also proposes an improved decision tree algorithm using binary split (IDTBS) and an improved decision tree algorithm using quad split (IDTQS) to improve the detection rate for Probe, U2R and R2L attacks. The KDD99 dataset is used for the experiments. The True Positive Rate (TPR) of both algorithms is compared with that of the existing ID3 decision tree algorithm. The IDTQS algorithm outperforms the others, achieving True Positive Rates of 99.23 %, 95.57 % and 56.31 % for Probe, R2L and U2R attacks respectively.

Author information

Corresponding author

Correspondence to Shubha Puthran.

Copyright information

© 2016 Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Puthran, S., Shah, K. (2016). Intrusion Detection Using Improved Decision Tree Algorithm with Binary and Quad Split. In: Mueller, P., Thampi, S., Alam Bhuiyan, M., Ko, R., Doss, R., Alcaraz Calero, J. (eds) Security in Computing and Communications. SSCC 2016. Communications in Computer and Information Science, vol 625. Springer, Singapore. https://doi.org/10.1007/978-981-10-2738-3_37

  • DOI: https://doi.org/10.1007/978-981-10-2738-3_37

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-10-2737-6

  • Online ISBN: 978-981-10-2738-3

  • eBook Packages: Computer Science, Computer Science (R0)
