Abstract

AbstractIntrusion detection is used to monitor and capture intrusions into computer and network systems, which attempt to compromise the security of computer and network systems. To protect information systems from intrusions and thus assure the reliability and quality of service of information systems, it is highly desirable to develop techniques that detect intrusions into information systems. Many intrusions manifest in dramatic changes in the intensity of events occurring in information systems. Because of the ability of exponentially weighted moving average (EWMA) control charts to monitor the rate of occurrences of events based on the their intensity, we apply three EWMA statistics to detect anomalous changes in the events intensity for intrusion detections. They include the EWMA chart for autocorrelated data, the EWMA chart for uncorrelated data and the EWMA chart for monitoring the process standard deviation. The objectives of this paper are to provide design procedures for realizing these control charts and investigate their performance using different parameter settings based on one large dataset. The early detection capability of these EWMA techniques is also examined to provide the guidance about the design capacity of information systems. Copyright © 2002 John Wiley & Sons, Ltd.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.