Network-Based Anomaly Detection Using Discriminant Analysis

ABSTRACT

Anomaly-based Intrusion Detection Systems (IDS) can be a valuable tool for detecting novel network attacks. This paper analyzes the use of linear and non-linear discriminant analysis on packet header information from the Transport and Internet layers of the TCP/IP model to classify packets as normal or abnormal. By training on normal traffic for a particular service (web and secure shell) and known attacks, the classifier can automatically identify differences between packets that may be used to classify future unknown traffic.


AUTHORS

Graduate School of Engineering and Management, Air Force Institute of Technology, Wright Patterson AFB, Dayton, Ohio
United States

George Noel, PhD (BS, U.S. Air Force Academy; MS, PhD, Air Force Institute of Technology) is an Assistant Professor of Computer Science at the Air Force Institute of Technology with research interests focused on Artificial Intelligence, Cyber Operations, and Natural Language Processing. He has over 23 years of communications and cyber operations experience with the U.S. Department of Defense.

Associate Professor of Electrical Engineering, Air Force Institute of Technology, Wright-Patterson Air Force Base, OH
USA

Dr. Steven C. Gustafson is an Associate Professor of Electrical Engineering at the Air Force Institute of Technology, Wright-Patterson Air Force Base, Ohio, where he teaches graduate courses and conducts research on pattern recognition techniques. He received his PhD from Duke University in 1974, was at the University of Dayton from 1976, and has held his current position since 1998. He is an author of more than 200 conference proceedings and journal papers on optical processing, neural networks, and related pattern recognition technology.

Associate Professor of Computer Engineering, Air Force Institute of Technology
Wright-Patterson Air Force Base, OH
USA

Gregg Gunsch (Lt Col, USAF, retired) has a BSEE from the University of North Dakota (1979), MSEE from the Air Force Institute of Technology (1983), and a PhD in Electrical Engineering from the University of Illinois at Urbana-Champaign (1991). He is an Assistant Professor of Computer Engineering, currently responsible for the information systems security/assurance (information warfare) curriculum at the Air Force Institute of Technology.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.
