A Granular Computing Based Decision Tree Algorithm and its Application in Intrusion Detection
Decision tree algorithms have been widely used in intrusion detection. In this paper, within the framework of granular computing (GrC), we propose a new decision tree algorithm called DTGAE and apply it to intrusion detection. First, by virtue of the GrC model using information tables, we propose a new information entropy model, which contains two basic notions: approximation entropy of granule (AEG) and GrC-based approximation entropy (GAE), where the latter is defined based on the former. In algorithm DTGAE, GAE is adopted as the heuristic information for the selection of splitting attributes. When calculating AEG and GAE, we not only utilize the concept of conditional entropy in Shannon's information theory, but also use the concept of approximation accuracy in rough sets. Second, we present a method of decision tree pre-pruning based on Düntsch's knowledge entropy. Finally, the KDDCUP99 data set is used to verify the effectiveness of our algorithm in intrusion detection.