An effective combining classifier approach using tree algorithms for network intrusion detection

In this paper, we developed a combining classifier model based on tree-based algorithms for network intrusion detection. The NSL-KDD dataset, a much improved version of the original KDDCUP'99 dataset, was used to evaluate the performance of our detection algorithm. The task of our detection algorithm was to classify whether the incoming network traffics are normal or an attack, based on 41 features describing every pattern of network traffic. The detection accuracy of 89.24 % was achieved using the combination of random tree and NBTree algorithms based on the sum rule scheme, outperforming the individual random tree algorithm. This result represents the highest result achieved so far using the complete NSL-KDD dataset. Therefore, combining classifier approach based on the sum rule scheme can yield better results than individual classifiers, giving us hope of better anomaly based intrusion detection systems in the future.