<rdf:RDF xmlns:rdf="http://www.openarchives.org/OAI/2.0/rdf/" xmlns:ow="http://www.ontoweb.org/ontology/1#" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:ds="http://dspace.org/ds/elements/1.1/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:doc="http://www.lyncode.com/xoai" xsi:schemaLocation="http://www.openarchives.org/OAI/2.0/rdf/ http://www.openarchives.org/OAI/2.0/rdf.xsd">
   <ow:Publication rdf:about="oai:digibug.ugr.es:10481/59031">
      <dc:title>Group-Wise Principal Component Analysis for Exploratory Intrusion Detection</dc:title>
      <dc:creator>Camacho Páez, José</dc:creator>
      <dc:creator>Theron, Roberto</dc:creator>
      <dc:creator>García Giménez, José M.</dc:creator>
      <dc:creator>Macía Fernández, Gabriel</dc:creator>
      <dc:creator>García Teodoro, Pedro</dc:creator>
      <dc:subject>Principal component analysis</dc:subject>
      <dc:subject>Group-wise Principal Component Analysis</dc:subject>
      <dc:subject>Anomaly detection</dc:subject>
      <dc:subject>Intrusion Detection</dc:subject>
      <dc:description>Intrusion detection is a relevant layer of cybersecurity to prevent hacking and illegal activities&#xd;
from happening on the assets of corporations. Anomaly-based Intrusion Detection Systems perform an&#xd;
unsupervised analysis on data collected from the network and end systems, in order to identify singular&#xd;
events. While this approach may produce many false alarms, it is also capable of identifying new (zeroday)&#xd;
security threats. In this context, the use of multivariate approaches such as Principal Component&#xd;
Analysis (PCA) provided promising results in the past. PCA can be used in exploratory mode or in learning&#xd;
mode. Here, we propose an exploratory intrusion detection that replaces PCA with Group-wise PCA&#xd;
(GPCA), a recently proposed data analysis technique with additional exploratory characteristics. A main&#xd;
advantage of GPCA over PCA is that the former yields simple models, easy to understand by security&#xd;
professionals not trained in multivariate tools. Besides, the workflow in the intrusion detection with GPCA&#xd;
is more coherent with dominant strategies in intrusion detection. We illustrate the application of GPCA in&#xd;
two case studies.</dc:description>
      <dc:date>2020-01-23T07:44:51Z</dc:date>
      <dc:date>2020-01-23T07:44:51Z</dc:date>
      <dc:date>2019-08-13</dc:date>
      <dc:type>journal article</dc:type>
      <dc:identifier>Camacho, J., Therón, R., García-Giménez, J. M., Maciá-Fernández, G., &amp; García-Teodoro, P. (2019). Group-Wise Principal Component Analysis for Exploratory Intrusion Detection. IEEE Access, 7, 113081-113093.</dc:identifier>
      <dc:identifier>http://hdl.handle.net/10481/59031</dc:identifier>
      <dc:identifier>10.1109/ACCESS.2019.2935154</dc:identifier>
      <dc:language>eng</dc:language>
      <dc:rights>http://creativecommons.org/licenses/by/3.0/es/</dc:rights>
      <dc:rights>open access</dc:rights>
      <dc:rights>Atribución 3.0 España</dc:rights>
      <dc:publisher>IEEE</dc:publisher>
   </ow:Publication>
</rdf:RDF>