ChapterSCO_77954580806 uri icon

abstract

  • © 2006 by International Federation for Information Processing. All rights reserved. Decision tree learning algorithms have been successfully used in knowledge discovery. They use induction in order to provide an appropriate classification of objects in terms of their attributes, inferring decision tree rules. This paper reports on the use of ID3 to Web attack detection. Even though simple, ID3 is sufficient to put apart a number of Web attacks, including a large proportion of their variants. It also surpasses existing methods: it portrays a higher true-positive detection rate and a lower false-positive one. The IDS output classification rules that are easy to read and so computer officers are more likely to grasp the root of an attack, as well as extending the capabilities of the classifier.