Intrusion Detection with Neural Networks Based on Knowledge Extraction by Decision Tree

  • César GuevaraEmail author
  • Matilde Santos
  • Victoria López
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 527)


Detection of intruders or unauthorized access to computers has always been critical when dealing with information systems, where security, integrity and privacy are key issues. Although more and more sophisticated and efficient detection strategies are being developed and implemented, both hardware and software, there is still the necessity of improving them to completely eradicate illegitimate access. The purpose of this paper is to show how soft computing techniques can be used to identify unauthorized access to computers. Advanced data analysis is first applied to obtain a qualitative approach to the data. Decision tree are used to obtain users’ behavior patterns. Neural networks are then chosen as classifiers to identify intrusion detection. The result obtained applying this combination of intelligent techniques on real data is encouraging.


Intrusion detection Pattern recognition Behavioral profile Security Decision tree Neural networks 



This work has been partially supported by the Ministry of Higher Education, Science, Technology and Innovation (SENESCYT) of the Government of the Republic of Ecuador under the scholarship “Convocatoria Abierta 2011 y 2012”.


  1. 1.
    Haq, N.F., Onik, A.R., Avishek, M., Hridoy, K., Rafni, M., Shah, F.M., Farid, D.M.: Application of machine learning approaches in intrusion detection system: a survey. Int. J. Adv. Res. Artif. Intell. 4(3), 9–18 (2015)Google Scholar
  2. 2.
    Ahmed, M., Pal, R., Hossain, M.M., Bikas, M.A. N., Hasa, M.K.: A comparative study on the currently existing intrusion detection systems. In: International Association of Computer Science and Information Technology-Spring Conference, 2009, IACSITSC 2009, pp. 151–154. IEEE, April 2009Google Scholar
  3. 3.
    Guevara, C.B., Santos, M., López, M.V.: Negative selection and knuth morris pratt algorithm for anomaly detection. IEEE Lat. Am. Trans. 14(3), 1473–1479 (2016)CrossRefGoogle Scholar
  4. 4.
    Jo, S., Sung, H., Ahn, B.: A comparative study on the performance of intrusion detection using Decision Tree and Artificial Neural Network models. J. Korea Soc. Digit. Ind. Inf. Manag. 11(4), 33–45 (2015)Google Scholar
  5. 5.
    Esmaily, J., Moradinezhad, R., Ghasemi, J.: Intrusion detection system based on Multi-Layer Perceptron Neural Networks and Decision Tree. In: 2015 7th Conference on Information and Knowledge Technology (IKT), pp. 1–5. IEEE, May 2015Google Scholar
  6. 6.
    Chen, Y., Abraham, A., Yang, B.: Hybrid flexible neural tree based intrusion detection systems. Int. J. Intell. Syst. 22(4), 337–352 (2007)CrossRefGoogle Scholar
  7. 7.
    Liu, G., Yi, Z., Yang, S.: A hierarchical intrusion detection model based on the PCA neural networks. Neurocomputing 70(7), 1561–1568 (2007)CrossRefGoogle Scholar
  8. 8.
    Amudhavel, J., Brindha, V., Anantharaj, B., Karthikeyan, P., Bhuvaneswari, B., Vasanthi, M., Vinodha, D.: A survey on intrusion detection system: state of the art review. Indian J. Sci. Technol. 9(11), 1–9 (2016)Google Scholar
  9. 9.
    Thomsen, E.: OLAP Solutions: Building Multidimensional Information Systems. John Wiley & Sons, New York (2002)Google Scholar
  10. 10.
    Prakash, P.O., Jaya, A.: Analyzing and predicting user behavior pattern from weblogs. Int. J. Appl. Eng. Res. 11(9), 6278–6283 (2016)Google Scholar
  11. 11.
    Guevara, C., Santos, M., López, V.: Data leakage detection algorithm based on sequences of activities. In: Proceedings of the 17th International Symposium Research in Attacks, Intrusions and Defenses RAID, vol. 8688, pp. 477–478. Springer, August 2014Google Scholar
  12. 12.
    Santos, M.: An applied approach to intelligent control. Revista Iberoamericana de Automática e Informática Industrial RIAI 8(4), 283–296 (2011)CrossRefGoogle Scholar
  13. 13.
    Aburomman, A.A., Reaz, M.B.I.: A novel SVM-kNN-PSO ensemble method for intrusion detection system. Appl. Soft Comput. 38, 360–372 (2016)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG 2017

Open Access This chapter is licensed under the terms of the Creative Commons Attribution-NonCommercial 2.5 International License (, which permits any noncommercial use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license and indicate if changes were made.

The images or other third party material in this chapter are included in the chapter's Creative Commons license, unless indicated otherwise in a credit line to the material. If material is not included in the chapter's Creative Commons license and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder.

Authors and Affiliations

  • César Guevara
    • 1
    Email author
  • Matilde Santos
    • 1
  • Victoria López
    • 1
  1. 1.Department of Computer Architecture and Automatic ControlUniversity Complutense of MadridMadridSpain

Personalised recommendations