Abstract

Traditional intrusion detection technology exists a lot of problems, such as low performance, low intelligent level, high false alarm rate, high false negative rate and so on. In this paper, C4.5 decision tree classification method is used to build an effective decision tree for intrusion detection, then convert the decision tree into rules and save them into the knowledge base of intrusion detection system. These rules are used to judge whether the new network behavior is normal or abnormal. Experiments show that: the detection accuracy rate of intrusion detection algorithm based on C4.5 decision tree is over 90%, and the process of constructing rules is easy to understand, so it is an effective method for intrusion detection.