Abstract:
In view of problems of low detection rate and high false detection rate in intrusion detection method based on Bayesian or decision tree, the paper proposed an intrusion detection method based on Bayesian and decision tree. Firstly, Naive Bayesian method based on feature similarity is used to classify samples of training set and class value of each sample is updated. Then the samples are classified with Naive Bayesian method again. Those classes which contain misclassified samples are divided into some subclasses by using the attributes which were determined by information gain of decision tree, and the subclasses are operated on classification and partition. Finally, the model of combination of Bayesian and decision tree is used for intrusion detection. The experiment result showed that the detection method has higher detection rate than the method using either Bayesian or decision tree.