A Comparative Study on the Performance of Intrusion Detection using Decision Tree and Artificial Neural Network Models
Jo, Seongrae; Sung, Haengnam; Ahn, Byunghyuk
Currently, the Internet is used as an essential tool in business. Despite this importance, there is a risk of network attacks aimed at fraud, the collection of private information, and cyber terrorism. Firewalls and IDSs (Intrusion Detection Systems) are tools against those attacks. An IDS is used to determine whether network data constitutes a network attack. An IDS analyzes network data using various techniques, including expert systems, data mining, and state transition analysis. This paper tries to compare the performance of two data mining models in detecting network attacks: a decision tree (C4.5) and a neural network (FANN model). I trained and tested these models with data and measured their effectiveness in terms of detection accuracy, detection rate, and false alarm rate. This paper tries to find out which model is effective in intrusion detection. In the analysis, I used the KDD Cup 99 data, which is a benchmark dataset in intrusion detection research. I used the open source Weka software for the C4.5 model, and available C++ code for the FANN model.
Keywords: Data Mining; C4.5; Neural Network; Decision Tree; Forward Additive Neural Network Models