T2 Control Chart based on Successive Difference Covariance Matrix for Intrusion Detection System

The Intrusion detection is a process to monitor the events taking place in a computer system or network and analyze the monitoring results to find signs of intrusion. One of alternative solutions for intrusion detection is the usage of statistical methods that Statistical Process Control especially the control charts.. In this research, the Hotelling's T 2 chart performance for intrusion detection is improved using the Successive Difference Covariance Matrix where the control limits will be calculated using Kernel Density Estimation. The proposed method using T 2 based on Kernel Density Estimation control limit outperforms other approaches both in training and testing dataset.

[1]  Carlos García Garino,et al.  Automatic network intrusion detection: Current techniques and open issues , 2012, Comput. Electr. Eng..

[2]  John C. Young,et al.  THE CONTROL CHART FOR INDIVIDUAL OBSERVATIONS FROM A MULTIVARIATE NON-NORMAL DISTRIBUTION , 2001 .

[3]  Nola D. Tracy,et al.  Multivariate Control Charts for Individual Observations , 1992 .

[4]  G. Simons,et al.  On the theory of elliptically contoured distributions , 1981 .

[5]  W. A. Wallis,et al.  Techniques of Statistical Analysis. , 1950 .

[6]  Douglas M. Hawkins,et al.  Zonation of multivariate sequences of digitized geologic data , 1974 .

[7]  N. José Alberto Vargas,et al.  Robust Estimation in Multivariate Control Charts for Individual Observations , 2003 .

[8]  A. Erhan Mergen,et al.  IMPROVING THE PERFORMANCE OF THE T2 CONTROL CHART , 1993 .

[9]  William H. Woodall,et al.  A Comparison of Multivariate Control Charts for Individual Observations , 1996 .

[10]  Youn Min Chou,et al.  Power comparisons for a hotelling's t2 STATISTIC , 1999 .

[11]  Seoung Bum Kim,et al.  Principal component analysis-based control charts for multivariate nonnormal distributions , 2013, Expert Syst. Appl..

[12]  Hussein A. Abbass,et al.  IEEE Symposium on Computational Intelligence for Security and Defense Applications (CISDA), 2009 , 2009 .

[13]  Agus Zainal Arifin,et al.  On Monitoring Shift in the Mean Processes with Vector Autoregressive Residual Control Charts of Individual Observation , 2014 .

[14]  William H. Woodall,et al.  Distribution of Hotelling's T2 Statistic Based on the Successive Differences Estimator , 2006 .

[15]  Douglas C. Montgomery,et al.  A review of multivariate control charts , 1995 .