Denial-of-service attack detection based on multivariate correlation analysis

Zhiyuan Tan*, Aruna Jamdagni, Xiangjian He, Priyadarsi Nanda, Ren Ping Liu

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contributionpeer-review

43 Citations (Scopus)


The reliability and availability of network services are being threatened by the growing number of Denial-of-Service (DoS) attacks. Effective mechanisms for DoS attack detection are demanded. Therefore, we propose a multivariate correlation analysis approach to investigate and extract second-order statistics from the observed network traffic records. These second-order statistics extracted by the proposed analysis approach can provide important correlative information hiding among the features. By making use of this hidden information, the detection accuracy can be significantly enhanced. The effectiveness of the proposed multivariate correlation analysis approach is evaluated on the KDD CUP 99 dataset. The evaluation shows encouraging results with average 99.96% detection rate and 2.08% false positive rate. Comparisons also show that our multivariate correlation analysis based detection approach outperforms some other current researches in detecting DoS attacks.

Original languageEnglish
Title of host publicationNeural information processing
Subtitle of host publication18th international conference, ICONIP 2011, Shanghai, China, November 13-17, 2011: proceedings
EditorsBao-Liang Lu, Liqing Zhang, James Kwok
Place of PublicationHeidelberg
PublisherSpringer, Springer Nature
Number of pages10
VolumePart 3
ISBN (Electronic)9783642249655
ISBN (Print)9783642249648
Publication statusPublished - 2011
Externally publishedYes
Event18th International Conference on Neural Information Processing, ICONIP 2011 - Shanghai, China
Duration: 13 Nov 201117 Nov 2011

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
PublisherSpringer Berlin Heidelberg
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Other18th International Conference on Neural Information Processing, ICONIP 2011


  • anomaly detection
  • Denial-of-service attack
  • Euclidean Distance Map
  • multivariate correlations


Dive into the research topics of 'Denial-of-service attack detection based on multivariate correlation analysis'. Together they form a unique fingerprint.

Cite this