Combining Naive Bayes and Decision Tree for Adaptive Intrusion Detection

TL;DR

This paper introduces a hybrid learning algorithm combining naive Bayesian classifier and decision tree techniques to improve adaptive network intrusion detection, reducing false positives and handling complex data issues effectively.

Contribution

The paper presents a novel hybrid algorithm that enhances intrusion detection accuracy and efficiency by integrating naive Bayes and decision trees, addressing data complexity and noise.

Findings

Achieved high detection rates on KDD99 dataset

Significantly reduced false positives

Operated efficiently with limited computational resources

Abstract

In this paper, a new learning algorithm for adaptive network intrusion detection using naive Bayesian classifier and decision tree is presented, which performs balance detections and keeps false positives at acceptable level for different types of network attacks, and eliminates redundant attributes as well as contradictory examples from training data that make the detection model complex. The proposed algorithm also addresses some difficulties of data mining such as handling continuous attribute, dealing with missing attribute values, and reducing noise in training data. Due to the large volumes of security audit data as well as the complex and dynamic properties of intrusion behaviours, several data miningbased intrusion detection techniques have been applied to network-based traffic data and host-based data in the last decades. However, there remain various issues needed to be examined towards current intrusion detection systems (IDS). We tested the performance of our proposed algorithm with existing learning algorithms by employing on the KDD99 benchmark intrusion detection dataset. The experimental results prove that the proposed algorithm achieved high detection rates (DR) and significant reduce false positives (FP) for different types of network intrusions using limited computational resources.