Intruder Alert: Dimension Reduction and Density-Based Clustering for a Cybersecurity Application

This thesis examines the use of Principal Component Analysis, Robust Principal Component Analysis, and simple autoencoders for dimension reduction on a synthetic cybersecurity dataset. Each is tested as a precur- sor to Independent Component Analysis. Stable independent components are obtained by iterative random- ized starts to FastICA and selecting the centroids of the hierarchically clustered components. A density-based clustering method is then applied to the results with the goal of isolating malicious observations from benign ones using greatest distance between centroids as a heuristic metric of success. The method is then applied to a real-world cybersecurity dataset from an industry partner.