PCA-based multivariate statistical network monitoring for anomaly detection

Computers & Security - Volume 59 - Pages 118-137 - 2016
José Camacho1, Alejandro Pérez-Villegas1, Pedro García‐Teodoro1, Gabriel Maciá‐Fernández1
1Department of Signal Theory, Telematics and Communications, School of Computer Science and Telecommunications – CITIC, University of Granada, Granada, Spain

Abstract

Keywords

