Packet Header Intrusion Detection with Binary Logistic Regression Approach in Detecting R2L and U2R Attacks

With the rapid growth of the Internet, there are an increasing number of computer threats and attacks. The prevalence of zero-day attack activities has given rise to the need to prevent these attack activities from spreading and damaging the computer system. As such, intrusion detection system (IDS) should satisfy complex requirements and must be durable, manageable and reliable. In this paper, we developed an anomaly-based detection model using a statistical method combined with a binary logistic regression approach. The model, Layer based Anomaly Detection (LbAD) is designed to detect remote to user (R2L) and user to root (U2R) attacks by statistically examining the degree of normal field values within three layer (data link, network, transport) of OSI Seven Layer. The results of the new method outperform the leading existing methods.