Abstract—Two types of algorithms are realized which have been used within the supervised of model of intrusion detection systems. These algorithms are either of type eager or lazy as far as their performance is concerned. At the learning phase, the lazy algorithms are fairly simple; however, the eager algorithms are highly effective. On the other hand the classification phase is in at most contrast with learning phase. The aim of this research is, taking the advantages of both lazy and eager algorithms to achieve a hybrid algorithm. This approach necessitates employing an eager algorithm of Decision Tree, on the training set, which has led to the creation of a set of Decisions. This set of Decisions is applied on the training set, which results in having a set of binary vectors. In order to enhance the training set these binary vectors were added as new attributes. After that with the lazy algorithm of nearest neighbors, we have classified the samples. The outcome of test results from existing algorithms has been compared with our proposed algorithm. The results show that the proposed algorithm outperforms where the volume of samples are high. The performance of the hybrid algorithm is also remarkable within platforms, with limited or very high processing resources.
Index Terms—Intrusion detection system, machine learning, classification.
Sayyed Majid Mazinani is with Imam Reza International University, Mashhad, Iran (e-mail: email@example.com).
Kazem Fathi is with Islamic Azad University, Sari Branch, Iran (e-mail: firstname.lastname@example.org).
Cite: Sayyed Majid Mazinani and Kazem Fathi, "Combining KNN and Decision Tree Algorithms to Improve Intrusion Detection System Performance," International Journal of Machine Learning and Computing vol.5, no. 6, pp. 476-479, 2015.