Abstract

Statistical Process Control (SPC) is not only used to monitor the quality of manufacturing processes and services but also is applied to detect intrusions in the network. Hotelling's T2 chart is the SPC method that has been widely developed for intrusion detection. However, in its application, the conventional Hotelling's T2 chart has several drawbacks such as less effective when used to monitor large observations and quality characteristics. Conventional Hotelling's T2 chart is not perform-well for non-Gaussian distributed data. Also, the current conventional control chart has not been able to monitor the processes which have mixed quality characteristics. To overcome these weaknesses, two types of the control chart is proposed in this study, namely, the multivariate control chart based on Principal Component Analysis (PCA) Mix and Kernel PCA. For Kernel PCA chart, two schemes are developed, that is Kernel PCA Mix and Mixed Kernel PCA control charts. Kernel Density Estimation (KDE) is employed to estimate the control limits of the developed charts. In monitoring the network intrusion, the proposed control charts are applied to well-known NSL-KDD dataset. The evaluation performance shows that the PCA Mix chart can detect attacks occurred on the network more accurate and faster compared to the Kernel PCA Mix and Mixed Kernel PCA charts.

Original languageEnglish
Article number012008
JournalJournal of Physics: Conference Series
Volume1752
Issue number1
DOIs
Publication statusPublished - 15 Feb 2021
Event3rd International Conference on Statistics, Mathematics, Teaching, and Research 2019, ICSMTR 2019 - Makassar, Indonesia
Duration: 9 Oct 201910 Oct 2019

Keywords

  • Hotelling's TChart
  • Kernel Density Estimation
  • Kernel PCA
  • Mixed Quality Characteristics
  • PCA Mix

Fingerprint

Dive into the research topics of 'Comparing the performance of T2chart based on PCA Mix, Kernel PCA Mix, and Mixed Kernel PCA for Network Anomaly Detection'. Together they form a unique fingerprint.

Cite this