How to prevent hackers, identify key targets and implement effective decision- making is the most important issue for information security. This study proposes a hybrid model analysis method to find the rules from the intrusion detection model rules. First, predictive analysis through logistic regression to find out the target object that was False Positives, these objects should be safe in the prediction, but they are actually attacked. Therefore, it is most effective to implement decision-making on the target object that has been False Positives. Next, use the rough set for Reduct and core, find the hidden rules in the variable properties, then compare the rules of the target object that was False Positives, Identify the key factors for the target being attacked. Finally, the attribute improvement table is proposed to provide decision makers to make decisions. The intrusion detection case in information security is studied to validate superiority of the proposed solution approach.