Prediction of Network Anomaly Detection through Statistical Analysis

Homeland security concerns continue to grow; protecting the network infrastructure remains a vital priority for government organizations as well as their private sector partners. In this paper we will focus on one-at-a-time Network Intrusion detection. Our goal is to build a Network Intrusion detection model through statistical analysis. We examined TCP/IP packet headers anomalies to predict if an intrusion is occurring or not. This approach, in turn, will provide the model that predicts the number of intrusions by maximizing the true positives ratio (real intrusions) while keeping the false positives (false alarm) ratio small. The resulting model will detect future intrusions more effectively and to protect the valuable network resources at large. The outcome of this research is validated through statistical measures such as model chi-square, its model significance (P-value), and overall model fitness. It can also be verified through ROC curves.