Optimization Methods of EWMA Statistics

Many intrusions which attempt to compromise the security of computer and network systems manifest themselves in changes in the intensity of events. Because of the ability of exponentially weighted moving average (EWMA) statistics to monitor the rate of occurrences of events based on their intensity, this technique is appropriate for implementation in control limits based algorithms. The research has shown that the usual application of this algorithm on computer network traffic, as applied in industrial processes, does not provide acceptable results. The paper also gives a review of possible optimization methods.

[1]  James M. Lucas,et al.  Exponentially weighted moving average control schemes: Properties and enhancements , 1990 .

[2]  Cristina Verde,et al.  Fault Detection for Large Scale Systems Using Dynamic Principal Components Analysis with Adaptation , 2006 .

[3]  Hervé Debar,et al.  Monitoring IDS Background Noise Using EWMA Control Charts and Alert Information , 2004, RAID.

[4]  J. Stuart Hunter,et al.  The exponentially weighted moving average , 1986 .

[5]  Jacob Cohen Statistical Power Analysis for the Behavioral Sciences , 1969, The SAGE Encyclopedia of Research Design.

[6]  Vasilios A. Siris,et al.  Application of anomaly detection algorithms for detecting SYN flooding attacks , 2004, GLOBECOM.

[7]  Qiang Chen,et al.  Computer intrusion detection through EWMA for autocorrelated and uncorrelated data , 2003, IEEE Trans. Reliab..

[8]  Douglas S. Reeves,et al.  A summary of detection of denial-of-QoS attacks on DiffServ networks , 2003, Proceedings DARPA Information Survivability Conference and Exposition.

[9]  A S Neubauer,et al.  The EWMA control chart: properties and comparison with other quality-control procedures by computer simulation. , 1997, Clinical chemistry.

[10]  Paul Hyden Statistical Quality Assurance Methods for Engineers , 2001 .

[11]  Fugee Tsung,et al.  Dual CUSUM control schemes for detecting a range of mean shifts , 2005 .

[12]  S. W. Roberts,et al.  Control Chart Tests Based on Geometric Moving Averages , 2000, Technometrics.