Open AccessPCA mix‐based Hotelling's T 2 multivariate control charts for intrusion detection system
Author(s) -
Shaohui Mo,
Tuerhong Gulanbaier,
Wushouer Mairidan,
Yibulayin Tuergen
Publication year - 2022
Publication title -
iet information security
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.308
H-Index - 34
eISSN - 1751-8717
pISSN - 1751-8709
DOI - 10.1049/ise2.12051
Subject(s) - control limits , intrusion detection system , principal component analysis , categorical variable , control chart , multivariate statistics , chart , data mining , computer science , statistics , mathematics , pattern recognition (psychology) , artificial intelligence , process (computing) , operating system
Most of the data, which is in the field of network intrusion detection, have the characteristics of a mixture of high‐dimensional datasets of continuous and categorical variables. It easily leads the traditional multivariate control chart to get the error detection results. Hotelling's T 2 multivariate control charts based on Principal Component Analysis mix (PCA mix) with bootstrap control limit were proposed, and applied to the network intrusion detection system. It was compared with the conventional Hotelling's T 2 control chart based on PCA and the performance of the control limits obtained with the bootstrap method was compared to the ones calculated using the most commonly used kernel density estimation. The experimental results revealed that the proposed method had better performance in intrusion detection than its counterparts.