An Optimized Decision Tree Approach for Intrusion Detection

Abstract

Nowadays, with rapid development in networking infrastructures and with an
increase in Internet usage, network security has become an important issue for discussion.
Some major challenges with regard to network security are DOS attack, Botnets etc., and
sometimes vulnerabilities in network design can also serve as intrusion points for
intruders. Therefore, this paper focuses and ensures on optimum network security by
setting some thresholds on generic based feature selection mechanism in order to block
and overcome attacks like DOS, R2L and U2R etc. In order to verify our approach, a broadly
known intrusion dataset named NSL-KDD is used. For detecting the attacks in a network
efficiently and also to reduce the false alarm rate, we optimize the decision trees by using
Ant Colony Optimization (ACO) algorithm. In order to reduce the dataset size we have used
ACO algorithm for feature selection. This would provide a more efficient and reduced
version of a decision tree and it will also help to identify the exact attack categories. Thus,
this approach will prove to be quite an efficient way to identify intrusions in a network for
the detection of any abnormal activity on the network .Thus, the proposed system will (1)
immediately block an intruder if any of the threshold values set are exceeded. (2) it will list
the exact type of attack used by an intruder to get access to the network (3) it also ensures
optimum network security.