In this paper, a new technology is proposed to solve anomaly detection problems of the high false positive rate or hard to build the model of normal behavior, etc. What our technology based on is the similarity between outliers and intrusions. So we proposed a new outlier mining algorithm based on index tree to detect intrusions. The algorithm improves on the HilOut algorithm to avoid the complex generation of Hilbert value. It calculates the upper and lower bound of the weight of each record with r-region and index tree to avoid unnecessary distance calculation. The algorithm is easy to implement, and more suitable to detect intrusions in the audit data. We have performed many experiments on the KDDCup99 dataset to validate the effect of TreeOut and obtain good results.