Modified batch mean charts for network intrusion detection
- Authors
- Park, Yongro; Baek, Seung Hyun; Kim, Seong-Hee; Tsui, Kwok-Leung
- Issue Date
- 2020
- Publisher
- University of Texas at El Paso
- Keywords
- batch mean chart; intrusion detection; modified batch mean chart; robust version of batch mean chart; statistical process control
- Citation
- International Journal of Industrial Engineering : Theory Applications and Practice, v.27, no.1, pp.88 - 109
- Indexed
- SCIE
SCOPUS
- Journal Title
- International Journal of Industrial Engineering : Theory Applications and Practice
- Volume
- 27
- Number
- 1
- Start Page
- 88
- End Page
- 109
- URI
- https://scholarworks.bwise.kr/erica/handle/2021.sw.erica/1863
- ISSN
- 1072-4761
- Abstract
- This paper presents three modified batch mean charts for network intrusion detection. Simulations based on standard control limits and robust control limits are performed considering four factors: cycle, noise, signal, and batch size. The regular batch mean charts are used to eliminate intrinsic 60-second cycles in the sample data. However, the regular batch mean charts monitor the statistics only at the end of each batch, so signal detection is too slow. The proposed modified batch mean charts offer fast detection using actual control limits and robust control limits. The simulation studies show that the modified batch mean charts perform particularly well on large signals, which are the signal types associated with denial of service intrusions.
- Files in This Item
-
Go to Link
- Appears in
Collections - COLLEGE OF BUSINESS AND ECONOMICS > DIVISION OF BUSINESS ADMINISTRATION > 1. Journal Articles
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.