Network-Based Anomaly Detection Using Discriminant Analysis

ABSTRACT

Anomaly-based Intrusion Detection Systems (IDS) can be a valuable tool for detecting novel network attacks. This paper analyzes the use of linear and non-linear discriminant analysis on packet header information from the Transport and Internet layers of the TCP/IP model to classify packets as normal or abnormal. By training on normal traffic for a particular service (web and secure shell) and known attacks, the classifier can automatically identify differences between packets that may be used to classify future unknown traffic.


AUTHORS

Air Force Institute of Technology, Wright-Patterson Air Force Base, OH
USA

Lt. George E. Noel is a graduate student pursuing a Master of Science in Information Resource Management with an Information Operations focus at the Air Force Institute of Technology, Wright-Patterson Air Force Base, Ohio. He received his undergraduate degree in Computer Science from the United States Air Force Academy, Colorado in 1998. His ongoing thesis work uses pattern recognition algorithms to detect and categorise network-based attacks.

Associate Professor of Electrical Engineering, Air Force Institute of Technology, Wright-Patterson Air Force Base, OH
USA

Dr. Steven C. Gustafson is an Associate Professor of Electrical Engineering at the Air Force Institute of Technology, Wright-Patterson Air Force Base, Ohio, where he teaches graduate courses and conducts research on pattern recognition techniques. He received his PhD from Duke University in 1974, was at the University of Dayton from 1976, and has held his current position since 1998. He is an author of more than 200 conference proceedings and journal papers on optical processing, neural networks, and related pattern recognition technology.

Associate Professor of Computer Engineering, Air Force Institute of Technology
Wright-Patterson Air Force Base, OH
USA

Gregg Gunsch (Lt Col, USAF, retired) has a BSEE from the University of North Dakota (1979), MSEE from the Air Force Institute of Technology (1983), and a PhD in Electrical Engineering from the University of Illinois at Urbana-Champaign (1991). He is an Assistant Professor of Computer Engineering, currently responsible for the information systems security/assurance (information warfare) curriculum at the Air Force Institute of Technology.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.
