Performance Comparison of Random Forest and Decision Tree Algorithms for Anomaly Detection in Networks

The increase in cyber attacks has made network security a very important focus in this digital era. This research compares the performance of two machine learning algorithms, that is Random Forest and Decision Tree for detecting anomalies in networks using the UNSW-NB15 datasets, which include various types of attacks such as DoS, Backdoor, Exploits and others which will be used to train and test both models. The data collection method, pre-processing, data splitting and modelling using SMOTE method to handle data imbalanced were applied in both algorithms and then evaluated using accuracy, precision, recall and f1-score metrics. From the study result, it can be conclude that the Decision Tree algorithm performs better in detecting anomalies in binary data with an accuracy of 99,71%. However, in multi-class data, Random Forest showed slightly better performance, though it required significantly more time for training and prediction. Despite the small difference in accuracy, Decision Tree demonstrated faster prediction times, making it more efficient for time-sensitive applications. This research concludes that while Random Forest provides higher accuracy for complex datasets, Decision Tree offers a more time-efficient solution with comparable accuracy.