IET Information Security (May 2022)
PCA mix‐based Hotelling's T2 multivariate control charts for intrusion detection system
Abstract
Abstract Most of the data, which is in the field of network intrusion detection, have the characteristics of a mixture of high‐dimensional datasets of continuous and categorical variables. It easily leads the traditional multivariate control chart to get the error detection results. Hotelling's T2 multivariate control charts based on Principal Component Analysis mix (PCA mix) with bootstrap control limit were proposed, and applied to the network intrusion detection system. It was compared with the conventional Hotelling's T2 control chart based on PCA and the performance of the control limits obtained with the bootstrap method was compared to the ones calculated using the most commonly used kernel density estimation. The experimental results revealed that the proposed method had better performance in intrusion detection than its counterparts.
Keywords