Research Summaries

Back C-NC3 Detection, Estimation, and Modeling Performance Improvement

Fiscal Year 2018
Division Graduate School of Engineering & Applied Science
Department Electrical & Computer Engineering
Investigator(s) Bollmann, Chad A.
Sponsor Air Force Global Strike Command (Air Force)
Summary The Gaussian distribution, possessing exponential tails, has been a mainstay of signal processing and anomaly detection applications for many decades. Per the Central Limit Theorem, sufficient sums of finite random variables (RVs) aggregate to a Gaussian RV. However, if the population is instead composed of RVs that possess power-law, or heavy, tails (i.e., are not finite), their sum is described by an ?-stable RV. This is the case for most random processes that are the sum of many individual random processes; thus, many aspects of computer network traffic can be more accurately modeled and estimated using ?-stable (vice Gaussian) methods.
The same modeling and estimation concepts have been applied to improve the detection of anomalies (e.g., cyber attacks) in network traffic. Non-parametric, single-statistic detection implementations have been shown to improve detection accuracy by 3–8% over similar Gaussian methods.
Contingency nuclear command, control, and communications (NC3) networks are expected to have many communications anomalies due to a contested, highly-variable environment and intermittent node connectivity. This research intends to refine the modeling, estimation, and detection (MED) techniques developed for computer network anomaly detection and investigate their extension and ability to improve NC3 network MED.
Keywords Detection Estimation alpha-stable modeling zero order statistics
Publications Publications, theses (not shown) and data repositories will be added to the portal record when information is available in FAIRS and brought back to the portal
Data Publications, theses (not shown) and data repositories will be added to the portal record when information is available in FAIRS and brought back to the portal