Denial-of-service attack detection based on multivariate correlation analysis

Zhiyuan Tan*, Aruna Jamdagni, Xiangjian He, Priyadarsi Nanda, Ren Ping Liu

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contribution

27 Citations (Scopus)

Abstract

The reliability and availability of network services are being threatened by the growing number of Denial-of-Service (DoS) attacks. Effective mechanisms for DoS attack detection are demanded. Therefore, we propose a multivariate correlation analysis approach to investigate and extract second-order statistics from the observed network traffic records. These second-order statistics extracted by the proposed analysis approach can provide important correlative information hiding among the features. By making use of this hidden information, the detection accuracy can be significantly enhanced. The effectiveness of the proposed multivariate correlation analysis approach is evaluated on the KDD CUP 99 dataset. The evaluation shows encouraging results with average 99.96% detection rate and 2.08% false positive rate. Comparisons also show that our multivariate correlation analysis based detection approach outperforms some other current researches in detecting DoS attacks.

Original languageEnglish
Title of host publicationNeural information processing
Subtitle of host publication18th international conference, ICONIP 2011, Shanghai, China, November 13-17, 2011: proceedings
EditorsBao-Liang Lu, Liqing Zhang, James Kwok
Place of PublicationHeidelberg
PublisherSpringer, Springer Nature
Pages756-765
Number of pages10
VolumePart 3
ISBN (Electronic)9783642249655
ISBN (Print)9783642249648
DOIs
Publication statusPublished - 2011
Externally publishedYes
Event18th International Conference on Neural Information Processing, ICONIP 2011 - Shanghai, China
Duration: 13 Nov 201117 Nov 2011

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
PublisherSpringer Berlin Heidelberg
Volume7064
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other18th International Conference on Neural Information Processing, ICONIP 2011
CountryChina
CityShanghai
Period13/11/1117/11/11

    Fingerprint

Keywords

  • anomaly detection
  • Denial-of-service attack
  • Euclidean Distance Map
  • multivariate correlations

Cite this

Tan, Z., Jamdagni, A., He, X., Nanda, P., & Liu, R. P. (2011). Denial-of-service attack detection based on multivariate correlation analysis. In B-L. Lu, L. Zhang, & J. Kwok (Eds.), Neural information processing: 18th international conference, ICONIP 2011, Shanghai, China, November 13-17, 2011: proceedings (Vol. Part 3, pp. 756-765). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 7064). Heidelberg: Springer, Springer Nature. https://doi.org/10.1007/978-3-642-24965-5_85