An efficient anomaly detection algorithm for vector-based intrusion detection systems

  • Authors: Hong-Wei Sun; Kwok-Yan Lam; Siu-Leung Chung; Ming Gu; Jia-Guang Sun

  • Affiliations: School of Software, Tsinghua University, Beijing, PR China; School of Software, Tsinghua University, Beijing, PR China; School of Business & Administration, The Open University of Hong Kong; School of Software, Tsinghua University, Beijing, PR China; School of Software, Tsinghua University, Beijing, PR China

  • Venue: ICCNMC'05 Proceedings of the Third International Conference on Networking and Mobile Computing
  • Year: 2005

Abstract

This paper proposes a new algorithm that improves the efficiency of the anomaly detection stage of a vector-based intrusion detection scheme. In general, intrusion detection schemes are based on the hypothesis that normal system/user behaviors are consistent and can be characterized by behavior profiles, such that deviations from the profiles are considered abnormal. In complicated computing environments, users may exhibit usage patterns so complicated that the user profiles have to be established using sophisticated classification methods such as the vector quantization (VQ) technique. However, anomaly detection based on a data set in a high-dimensional space is inefficient. In this paper we focus on the design of an algorithm that uses principal component analysis (PCA) to improve the anomaly detection efficiency. The main contribution of this research is to demonstrate how the efficiency of the anomaly detection can be raised while the effectiveness of the detection, in terms of a low false alarm rate and a high detection rate, can be maintained.