一种多标准决策树剪枝方法及其在入侵检测中的应用
A multi-criterion pruning method for decision trees and its application in intrusion detection
-
摘要: 为提高决策树的适用性,以决策树在入侵检测中的应用为背景提出一种多标准的剪枝方法,使决策树程序能在参数调整后适应不同的应用.给出了用于描述决策树不同性能的一些参量,如稳定性、复杂度、分类能力等,用户可以根据具体情况对向量各分量的权重进行调整,逐步得到满足要求的决策树.实验结果表明,该算法能够根据入侵检测系统的具体需要,快速地构建相应的决策树,从而程序可被用于不同情况.该方法把由程序员决定决策树变成了由用户决定决策树,程序更通用,结果更合理.Abstract: To improve the applicability of decision trees, a multi-criterion pruning method was proposed for the application of decision trees in intrusion detection, which enabled decision trees suitable for different conditions by parameter adjustment. Several parameters for describing the performance of a decision tree, such as stability, complexity and classification ability, were proposed. To meet the needs of different applications, the decision tree was expressed as a vector. Weights of different components of the vector could be adjusted according to the fact, and the required decision tree could be built gradually. Experimental results show that the proposed method can rapidly construct different decision trees according different specific environments, thus one program can be used in different conditions. The approach changes the creator of a decision tree from a programmer to a user, so the program is more suitable and the result is more reasonable.