Outlier Classification Criterion for Multivariate Cyber Anomaly Detection

Author

Alexander M. Trigo

Date of Award

3-23-2018

Document Type

Thesis

Degree Name

Master of Science in Operations Research

Department

Department of Operational Sciences

First Advisor

Bradley C. Boehmke, PhD.

Abstract

Every day, intrusion detection systems catalogue millions of unsupervised data entries. This represents a “big data” problem for research sponsors within the Department of Defense. In a first response to this issue, raw data capture was transformed into usable vectors and an array of multivariate techniques implemented to detect potential outliers. This research expands and refines these techniques by implementing a Chi-Square Q-Q plot-based classification criteria for outlier detection. This methodology has been implemented into an R-based programming solution that allows for a refined and semi-automated user experience for intelligence analysts. Moreover, two case analyses are performed that illustrate how this methodology explicitly identifies outlier observations and provides formal multivariate normality testing to assess the reliability of the techniques being utilized.

AFIT Designator

AFIT-ENS-MS-18-M-166

DTIC Accession Number

AD1056428

Recommended Citation

Trigo, Alexander M., "Outlier Classification Criterion for Multivariate Cyber Anomaly Detection" (2018). Theses and Dissertations. 1865.
https://scholar.afit.edu/etd/1865