Abstract
In this paper, we propose a novel decision tree algorithm DTADE within the framework of rough set theory, and apply DTADE to intrusion detection. We define a new information entropy model — approximation decision entropy (ADE) in rough sets, which combines the concept of conditional entropy in Shannon’s information theory and the concept of approximation accuracy in rough sets. In algorithm DTADE, ADE is adopted as the heuristic information for the selection of splitting attributes. Moreover, we present a method of decision tree pre-pruning based on the concept of knowledge entropy proposed by Düntsch and Gediga. Finally, the KDDCUP99 data set is used to verify the effectiveness of our algorithm in intrusion detection.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Anderson, J.P.: Computer Security Threat Monitoring and Surveillance. James P. Anderson Co., Fort Washington (1980)
Li, X.Y., Ye, N.: Decision tree classifiers for computer intrusion detection. Journal of Parallel and Distributed Computing Practices 4(2), 179–190 (2001)
Quinlan, R.: Induction of decision trees. Machine Learning 1(1), 81–106 (1986)
Quinlan, R.: C4.5: Programs for Machine Learning. Morgan Kaufmann (1993)
Shannon, C.E.: The mathematical theory of communication. Bell System Technical Journal 27(3-4), 373–423 (1948)
Pawlak, Z.: Rough Sets. Int. J. Comput. Informat. Sci. 11(5), 341–356 (1982)
Düntsch, I., Gediga, G.: Uncertainty measures of rough set prediction. Artificial Intelligence 106, 109–137 (1998)
Liang, J.Y., Shi, Z.Z.: The information entropy, rough entropy and knowledge granulation in rough set theory. Int. Journal of Uncertainty, Fuzziness and Knowledge-Based Systems 12(1), 37–46 (2004)
Miao, D.Q., Hu, G.R.: An Heuristic Algorithm of Knowledge Reduction. Computer Research and Development 36(6), 681–684 (1999)
Wang, G.Y., Yu, H., Yang, D.C.: Decision table reduction based on conditional information entropy. Chinese Journal of Computers 25(7), 759–766 (2002)
Breslow, L.A., Aha, D.W.: Simplifying decision trees: a survey. Knowledge Engineering Review 12(1), 1–40 (1997)
Dougherty, J., Kohavi, R., Sahami, M.: Supervised and Unsupervised Discretization of Continuous Features. In: Proc. of the 12th International Conference on Machine Learning, pp. 194–202. Morgan Kaufmann Publishers (1995)
Xu, Z.Y., Liu, Z.P., Yang, B.R., Song, W.: A Quick Attribute Reduction Algorithm with Complexity of max(O(|C| |U|),O(|C|2 |U/C|)). Chinese Journal of Computers 29(3), 391–399 (2006)
KDD Cup 99 Dataset (1999), http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html
Witten, I.H., Frank, E.: Data Mining: Practical Machine Learning Tools and Techniques with Java Implementations. Morgan Kaufmann (2000)
Øhrn, A.: Rosetta Technical Reference Manual (1999), http://www.idi.ntnu.no/_aleks/rosetta
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zhao, H., Jiang, F., Wang, C. (2012). An Approximation Decision Entropy Based Decision Tree Algorithm and Its Application in Intrusion Detection. In: Li, T., et al. Rough Sets and Knowledge Technology. RSKT 2012. Lecture Notes in Computer Science(), vol 7414. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-31900-6_13
Download citation
DOI: https://doi.org/10.1007/978-3-642-31900-6_13
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-31899-3
Online ISBN: 978-3-642-31900-6
eBook Packages: Computer ScienceComputer Science (R0)