Statistical Process Control-Based Intrusion Detection and Monitoring

Article ID: iaor201523808
Volume: 30
Issue: 2
Start Page Number: 257
End Page Number: 273
Publication Date: Mar 2014
Journal: Quality and Reliability Engineering International
Authors: , , ,
Keywords: control charts, process control
Abstract:

Intrusion detection systems have a vital role in protecting computer networks and information systems. In this article, we applied a statistical process control (SPC)–monitoring concept to a certain type of traffic data to detect a network intrusion. We proposed an SPC‐based intrusion detection process and described it and the source and the preparation of data used in this article. We extracted sample data sets that represent various situations, calculated event intensities for each situation, and stored these sample data sets in the data repository for use in future research. This article applies SPC charting methods for intrusion detection. In particular, it uses the basic security module host audit data from the MIT Lincoln Laboratory and applies the Shewhart chart, the cumulative sum chart, and the exponential weighted moving average chart to detect a denial of service intrusion attack. The case study shows that these SPC techniques are useful for detecting and monitoring intrusions.
