Abstract:
This paper proposes an optimized neural network tree (ONNT) based anomaly detection method that improves both the understandability and interpretability of the trained learning model's detection results and the anomaly detection accuracy. ONNT is a binary-tree-structured hybrid learning model whose interior nodes split according to the information gain ratio criterion. The simple perceptron neural network embedded in each interior node is trained on the current samples. A limited number of input features are selected on the current samples in accordance with the instruction signal, so that the perceptron neural network builds a local decision hyper-plane with low complexity. The proposed anomaly detection method involves two optimizations. First, the complexity of the local decision hyper-plane is decreased by optimizing each interior node. The simple structure of the trained neural network in an interior node allows the learning result to be interpreted as low-complexity Boolean functions or a rule set at acceptable computation cost, which lays a good basis for the interpretability of the learning results. Second, the tree structure of the learning model is optimized, i.e., the neural network tree (NNT) is pruned to condense the precondition in the disjunctive description of all interior nodes, which makes the extracted rule set as understandable as possible. Compared with the NNT based detection method, the experimental results suggest that the ONNT based anomaly intrusion detection method offers better understandability and interpretability of the anomaly detection results, owing to the simpler neural network structure in interior nodes and the reduced complexity of the tree structure. Compared with other parallel methods, the experimental results show that the ONNT based anomaly detection method achieves competitive recognition accuracy as well as a lower false alarm rate. Moreover, the proposed anomaly detection method presents information on the features that make a greater contribution to the detection result.
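As an added illustration of the interior-node idea described in the abstract (this is not code from the paper), the Python example below trains a simple perceptron on a limited feature subset and scores the resulting binary split by information gain ratio. The sample data, function names, training parameters and the exhaustive subset search are assumptions made for this example; the abstract does not specify how ONNT selects features.

```python
import math
from itertools import combinations

# Constructed samples (not from the paper): each row is
# (duration, failed_logins, bytes_out, hour) scaled to [0, 1]; label 1 = anomaly.
X = [(0.1, 0.0, 0.3, 0.9), (0.2, 0.1, 0.8, 0.1), (0.9, 0.0, 0.5, 0.4), (0.4, 0.1, 0.1, 0.7),
     (0.3, 0.9, 0.4, 0.2), (0.8, 0.8, 0.7, 0.8), (0.1, 1.0, 0.2, 0.5), (0.6, 0.7, 0.9, 0.3)]
y = [0, 0, 0, 0, 1, 1, 1, 1]

def entropy(labels):
    n = len(labels)
    if n == 0:
        return 0.0
    return -sum(p * math.log2(p) for p in (labels.count(c) / n for c in set(labels)))

def fire(x, feats, w, b):
    """Side of the local hyper-plane for sample x, using only features `feats`."""
    return 1 if sum(wi * x[f] for wi, f in zip(w, feats)) + b > 0 else 0

def train_perceptron(X, y, feats, epochs=50, lr=0.1):
    """Classic perceptron rule on the selected features (assumed training scheme)."""
    w, b = [0.0] * len(feats), 0.0
    for _ in range(epochs):
        for x, t in zip(X, y):
            err = t - fire(x, feats, w, b)
            w = [wi + lr * err * x[f] for wi, f in zip(w, feats)]
            b += lr * err
    return w, b

def gain_ratio(y, sides):
    """Information gain of the split divided by the split's own entropy."""
    n = len(y)
    parts = [[t for t, s in zip(y, sides) if s == k] for k in (0, 1)]
    gain = entropy(y) - sum(len(p) / n * entropy(p) for p in parts)
    split_info = entropy(sides)
    return gain / split_info if split_info > 0 else 0.0  # one-sided split is useless

def best_node(X, y, max_feats=2):
    """Try small feature subsets first; keep the first one with the highest gain ratio."""
    best = None
    for k in range(1, max_feats + 1):
        for feats in combinations(range(len(X[0])), k):
            w, b = train_perceptron(X, y, feats)
            gr = gain_ratio(y, [fire(x, feats, w, b) for x in X])
            if best is None or gr > best[0] + 1e-12:
                best = (gr, feats, w, b)
    return best

if __name__ == "__main__":
    gr, feats, w, b = best_node(X, y)
    print(f"features={feats} gain_ratio={gr:.3f} weights={w} bias={b:.2f}")
```

With a single selected feature, the node reads directly as a threshold rule on that feature (the threshold is `-b / w[0]`), which is the kind of low-complexity rule the abstract refers to.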