Abstract
In this paper, a Denial-of-Service (DoS) attack detection system is explored, in which a multivariate correlation analysis technique based on Euclidean distance is applied for network traffic characterization and the principle of anomaly-based detection is employed in attack recognition. The effectiveness of the detection system is evaluated on the KDD Cup 99 dataset, and the influence of data normalization on the performance of attack detection is analyzed as well. The evaluation results and comparisons prove that the detection system is effective in distinguishing DoS attack network traffic from legitimate network traffic and outperforms two state-of-the-art systems.
Original language | English |
---|---|
Title of host publication | SecurIT 2012 |
Subtitle of host publication | Proceedings of the First International Conference on Security of Internet of Things |
Place of Publication | New York |
Publisher | Association for Computing Machinery |
Pages | 160-164 |
Number of pages | 5 |
ISBN (Print) | 9781450318228 |
Publication status | Published - 2012 |
Externally published | Yes |
Event | 1st International Conference on Security of Internet of Things, SecurIT 2012 - Kerala, India; Duration: 17 Aug 2012 → 19 Aug 2012 |
Other
Other | 1st International Conference on Security of Internet of Things, SecurIT 2012 |
---|---|
Country/Territory | India |
City | Kerala |
Period | 17/08/12 → 19/08/12 |
Keywords
- Denial-of-Service attack
- Euclidean distance
- Multivariate correlations
- Network traffic characterization