Title
Packet Header Anomaly Detection Using Statistical Analysis
Abstract
The disclosure of network packets to recurrent cyber intrusion has upraised the essential for modelling various statistical-based anomaly detection methods lately. Theoretically, the statistical-based anomaly detection method fascinates researchers' attentiveness, but technologically, the fewer intrusion detection rates persist as vulnerable disputes. Thus, a Host-based Packet Header Anomaly Detection (HbPHAD) model that is proficient in pinpointing suspicious packet header behaviour based on statistical analysis is proposed in this paper. We perform a scoring mechanism using Relative Percentage Ratio (RPR) in scheming normal scores, desegregate Linear Regression Analysis (LRA) to distinguish the degree of packets' behaviour (i.e. fit to be suspicious or not suspicious) and Cohen's-d (effect size) dimension to pre-define the finest threshold. HbPHAD is an effectual resolution for statistical-based anomaly detection method in pinpointing suspicious behaviour precisely. The experiments validate that HbPHAD is effective in correctly detecting suspicious packets at above 90% as an intrusion detection rate for both ISCX 2012 and is capable of detecting 40 attack types from DARPA 1999 benchmark dataset.
Year: 2014
DOI: 10.1007/978-3-319-07995-0_47
Venue: INTERNATIONAL JOINT CONFERENCE SOCO'14-CISIS'14-ICEUTE'14
Keywords: Packet Header Anomaly Detection, Statistical Analysis, Linear Regression Analysis, Cohen's-d
Field: Data mining, Anomaly detection, Attack model, Intrusion, Computer science, Network packet, Header, Intrusion detection system, Statistical analysis, Linear regression
DocType: Conference
Volume: 299
ISSN: 2194-5357
Citations: 3
PageRank: 0.39
References: 11
Authors: 6
Name | Order | Citations | PageRank
Warusia Yassin | 1 | 3 | 0.73
Nur Izura Udzir | 2 | 164 | 28.44
Azizol Abdullah | 3 | 54 | 16.07
Mohd Taufik Abdullah | 4 | 28 | 6.27
Zaiton Muda | 5 | 23 | 2.58
Hazura Zulzalil | 6 | 47 | 6.38