• Corpus ID: 236447900

Detection of cybersecurity attacks through analysis of web browsing activities using principal component analysis

  title={Detection of cybersecurity attacks through analysis of web browsing activities using principal component analysis},
  author={Insha Ullah and Kerrie Lee Mengersen and Rob J Hyndman and James M. McGree},
Organizations such as government departments and financial institutions provide online service facilities accessible via an increasing number of internet connected devices which make their operational environment vulnerable to cyber attacks. Consequently, there is a need to have mechanisms in place to detect cyber security attacks in a timely manner. A variety of Network Intrusion Detection Systems (NIDS) have been proposed and can be categorized into signature-based NIDS and anomaly-based NIDS… 



Identifying intrusions in computer networks with principal component analysis

  • Wei WangR. Battiti
  • Computer Science
    First International Conference on Availability, Reliability and Security (ARES'06)
  • 2006
A novel method for intrusion identification in computer networks based on principal component analysis (PCA), which is tested with network data from MIT Lincoln labs for the 1998 DARPA intrusion detection evaluation program and testing results show that the model is promising in terms of identification accuracy and computational efficiency.

A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection

A targeted literature survey of machine learning (ML) and data processing (DM) strategies for cyber analytics in support of intrusion detection as it applies to wired networks.

Malicious URL Detection using Machine Learning: A Survey

This article presents the formal formulation of Malicious URL Detection as a machine learning task, and categorize and review the contributions of literature studies that addresses different dimensions of this problem (feature representation, algorithm design, etc.).

A framework for constructing features and models for intrusion detection systems

A novel framework, MADAM ID, for Mining Audit Data for Automated Models for Instrusion Detection, which uses data mining algorithms to compute activity patterns from system audit data and extracts predictive features from the patterns.

Intrusion detection based on K-Means clustering and Naïve Bayes classification

This work proposes an hybrid learning approach through combination of K-Means clustering and Naïve Bayes classification that will be cluster all data into the corresponding group before applying a classifier for classification purpose.


In this paper, we analyze an anomaly based intrusion detection system (IDS) for outlier detection in hardware profile using statistical techniques: Chi-square distribution, Gaussian mixture

Sensitivity of PCA for traffic anomaly detection

This study identifies and evaluates four main challenges of using PCA to detect traffic anomalies: the false positive rate is very sensitive to small differences in the number of principal components in the normal subspace, the effectiveness of PCA is sensitive to the level of aggregation of the traffic measurements, a large anomaly may in advertently pollute the normalSubspace.

Using an Ensemble of One-Class SVM Classifiers to Harden Payload-based Anomaly Detection Systems

This paper proposes a new approach to construct high speed payload-based anomaly IDS intended to be accurate and hard to evade, and uses a feature clustering algorithm originally proposed for text classification problems to reduce the dimensionality of the feature space.

Network Anomaly Detection: Methods, Systems and Tools

This paper provides a structured and comprehensive overview of various facets of network anomaly detection so that a researcher can become quickly familiar with every aspect of network anomalies detection.

A Novel PCA-Based Network Anomaly Detection

This paper addresses the problem considering a method based on PCA for detecting network anomalies by means of the Kullback-Leibler divergence and presents a new technique that extends the state of the art in PCA based anomaly detection.