Application of Statistical Process Control Methods for IDS
As technology improves, attackers are trying to get access to the network system resources by so many means. Open loop holes in the network allow them to penetrate in the network more easily; statistical methods have great importance in the area of computer and network security, in detecting the malfunctioning of the network system. Development of internet security solution needed to protect the system and to with stand prolonged and diverse attack. In this paper Statistical approach has been used, conventionally Statistical Control Charts has been used for quality characteristics however in IDS abnormal access can be easily
detected and appropriate control limit can be established. Two different charts are investigated and Shewhart chart based on average has produced better accuracy. The approach used here for intrusion detection in such a way that if the data packet is drastically different from normal variation then it can be classified as attack. In other words a system variation may be due to some special reason. If these causes are investigated then natural variation and abnormal variation can be distinguished which can be used for distinction of behaviors of the system.
Keywords: Intrusion Detection System; Denial of Service attack; Shewhart Chart; Cusum Chart
Download Full-Text
ABOUT THE AUTHOR
Muhammad Sadiq Ali Khan
M.Sadiq Ali Khan is working as an Assistant Professor at Department of Computer Science University of Karachi since 2003.He has done his Ph.D in Computer Science with specialization in Network Security. He has 14 years of teaching and research experience and his research interest includes Data Communication & Networks,Network Security & Cryptography & Wireless Network Security.His book on Recent Trends in Intrusion Detection System & Network Monitoring has been published from Germany. He has research publications in reputed international and national journals. Recently he received a 10th Teradata National IT Excellence award. M.Sadiq Ali Khan received his BS & MS Degree in Computer Engineering from SSUET in 1998 and 2003 respectively. He is member of CSI, PEC and NSP.
Muhammad Sadiq Ali Khan
M.Sadiq Ali Khan is working as an Assistant Professor at Department of Computer Science University of Karachi since 2003.He has done his Ph.D in Computer Science with specialization in Network Security. He has 14 years of teaching and research experience and his research interest includes Data Communication & Networks,Network Security & Cryptography & Wireless Network Security.His book on Recent Trends in Intrusion Detection System & Network Monitoring has been published from Germany. He has research publications in reputed international and national journals. Recently he received a 10th Teradata National IT Excellence award. M.Sadiq Ali Khan received his BS & MS Degree in Computer Engineering from SSUET in 1998 and 2003 respectively. He is member of CSI, PEC and NSP.