Chi-Square Statistical based Technique for Intrusion Detection
نویسنده
چکیده
Tools required for the security purposes are firewall, passwords, IDS, IPS for the detection of anomaly and prevent it from sending out the harmful traffic to the network. So, it is very necessary to examine the behavior of traffic that coming to the network and recognize the anomalous behavior. In this paper, statistical based chi-square method is used to detect the anomalous behavior and predict the intrusions by calculating the observed and expected frequencies. Setting of interval is difficult for the detection of anomaly but in our case we set interval according to the less variation in traffic. Traffic contains from the backscatter dataset. Chi-square method is good to detect the anomalous behaviors because it gives the Poisson’s distribution for the whole traffic on network. Large difference shows anomaly occurs.
منابع مشابه
Network Anomalies Detection Using Statistical Technique : A Chi- Square approach
Intrusion Detection System is used to detect suspicious activities is one form of defense. However, the sheer size of the network logs makes human log analysis intractable. Furthermore, traditional intrusion detection methods based on pattern matching techniques cannot cope with the need for faster speed to manually update those patterns. Anomaly detection is used as a part of the intrusion det...
متن کاملStatistical Techniques in Anomaly Intrusion Detection System
In this paper, we analyze an anomaly based intrusion detection system (IDS) for outlier detection in hardware profile using statistical techniques: Chi-square distribution, Gaussian mixture distribution and Principal component analysis. Anomaly detection based methods can detect new intrusions but they suffer from false alarms. Host based Intrusion Detection Systems (HIDSs) use anomaly detectio...
متن کاملMultivariate Statistical Analysis of Audit Trails for Host-Based Intrusion Detection
ÐIntrusion detection complements prevention mehcanisms, such as firewalls, cryptography, and authentication, to capture intrusions into an information system while they are acting on the information system. Our study investigates a multivariate quality control technique to detect intrusions by building a long-term profile of normal activities in information systems (norm profile) and using the ...
متن کاملA Chi-square testing-based intrusion detection Model
The rapid growth of Internet malicious activities has become a major concern to network forensics and security community. With the increasing use of IT technologies for managing information there is a need for stronger intrusion detection mechanisms. Critical mission systems and applications require mechanisms able to detect any unauthorised activities. An Intrusion Detection System (IDS) acts ...
متن کاملScalable Chi-Square Distance versus Conventional Statistical Distance for Process Monitoring with Uncorrelated Data Variables
Multivariate statistical process control charts are often used for process monitoring to detect out-of-control anomalies. However, multivariate control charts based on conventional statistical distance measures, such as the one used in the Hotelling’s T 2 control chart, cannot scale up to large amounts of complex process data, e.g. data with a large number of variables and a high rate of data s...
متن کامل