Author:
Jaya A I,Aulia T R,Putri F D,Rakhmawati T
Abstract
Abstract
In monitoring network anomaly, the traditional T
2 chart can be an alternative owing to its ability to capture the network anomaly. However, the new problem emerges in consequence of the hardship of the network traffic data to satisfy the multivariate normal distribution assumption in Hotelling’s T
2 chart. As a result, many false alarms will be found during the monitoring process. In this work, the combination between Hotelling’s T
2 control chart and the Principal Component Analysis (PCA) is utilized to observe the network traffic data. The PCA is used to minimize the data dimension which can reduce computational time. Meanwhile, the Kernel Density approach is employed in estimating the control limit of the non-normal process. The proposed method is applied to the famous KDD99 dataset, and its performance is compared with the other methods. Compared to the other charts, the proposed control chart yields a higher detection accuracy with a lower false alarm rate. Moreover, the proposed control chart also produces a faster computational time.
Subject
General Physics and Astronomy
Reference25 articles.
1. Bivariate modified hotelling’s T2 charts using bootstrap data;Haddad;Int. J. Electr. Comput. Eng.,2019
2. Evaluation of Laney p’ Chart Performance;Ahsan;Int. J. Appl. Eng. Res.,2017
3. On the distribution of the T2 statistic, used in statistical process monitoring, for high-dimensional data;Ahmad;Stat. Probab. Lett.,2021
4. Hybrid James-Stein and successive difference covariance matrix estimators based hotelling’s T2 chart for network anomaly detection using bootstrap;Ahsan;J. Theor. Appl. Inf. Technol.,2018
5. Tr (R2) control charts based on kernel density estimation for monitoring multivariate variability process;Mashuri;Cogent Eng.,2019
Cited by
1 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献