EWMA statistic in adaptive threshold algorithm

被引:12
作者
Cisar, P. [1 ]
Cisar, S. Maravic [2 ]
机构
[1] Telekom Srbija, Prvomajska 2, Subtoica 24000, Serbia
[2] Polytech Engn Coll, Subtoica 24000, Serbia
来源
INES 2007: 11TH INTERNATIONAL CONFERENCE ON INTELLIGENT ENGINEERING SYSTEMS, PROCEEDINGS | 2007年
关键词
D O I
10.1109/INES.2007.4283671
中图分类号
TP18 [人工智能理论];
学科分类号
081104 ; 0812 ; 0835 ; 1405 ;
摘要
Intrusion detection is used to monitor and capture intrusions into computer and network systems which attempt to compromise the security of computer and network systems. Many intrusions manifest in dramatic changes in the intensity of events occuring in information systems. Because of the ability of exponentially weighted moving average (EWMA) control charts to monitor the rate of occurrences of events based on their intensity, this technique is widely used in intrusion detection systems (IDS). One of the applications of this technique is in adaptive threshold algorithm. The performance of this method is in function of several parameters. This paper describes an approach to their choice.
引用
收藏
页码:51 / +
页数:2
相关论文
共 11 条
[1]  
[Anonymous], ENG STAT HDB SINGLE
[2]  
FENGMIN G, 2003, DECIPHERING DETECT 2
[3]  
MAHADIK VA, DETECTION DENIAL QOS
[4]  
NEUBAUER AS, EWMA CONTROL CHART P
[5]  
ROBERTS SW, 1959, CONTROL CHART TEST B
[6]  
SEIBOLD D, ENTERPRISE CAMPUS SE
[7]  
SORENSEN S., 2004, COMPETITIVE OVERVIEW
[8]  
VASILIOS A, APPL ANOMALY DETECTI
[9]  
VIINIKKA J, MONITORING IDS BACKG
[10]  
ZHAO Y, 2005, DUAL CUSUM CONTROL S
12