Real-Time Information Security Situational Awareness in Big Data Networks Using an Improved C4.5 Decision Tree with Dynamic Feature Weighting and Hybrid Pruning
Abstract
With the rapid development of big data technology, network attacks have become increasingly large-scale, concealed and intelligent. This paper proposes an improved C4.5 decision tree algorithm (DW-C4.5) and builds a real-time detection model on it using dynamic feature weighting (integrating random forest feature importance with information gain ratio optimization) and a hybrid pruning strategy (pre-pruning with an error rate threshold of 0.05, followed by cost-complexity post-pruning). Detection of twelve kinds of attacks, such as DDoS, APT and zero-day exploitation, is tested on four public data sets (NSL-KDD, CIC-IDS2017 and UNSW-NB15) and one enterprise intranet log data set. The results show a detection accuracy of 96.71%, which is 10.3 percentage points higher than that of traditional C4.5. With the Spark Streaming framework integrated, the model achieves a throughput of 280,000 logs per second, and the false alarm rate is kept below 3.12%. This method provides an efficient technical path for the dynamic security protection of massive network data.
DOI: https://doi.org/10.31449/inf.v49i19.9680
License
Authors retain copyright in their work. By submitting to and publishing with Informatica, authors grant the publisher (Slovene Society Informatika) the non-exclusive right to publish, reproduce, and distribute the article and to identify itself as the original publisher.
All articles are published under the Creative Commons Attribution license CC BY 3.0. Under this license, others may share and adapt the work for any purpose, provided appropriate credit is given and changes (if any) are indicated.
Authors may deposit and share the submitted version, accepted manuscript, and published version, provided the original publication in Informatica is properly cited.







