Multivariate correlation analysis technique based on Euclidean distance map for network traffic characterization

Zhiyuan Tan; Aruna Jamdagni; Xiangjian He; Priyadarsi Nanda; Ren Ping Liu

doi:10.1007/978-3-642-25243-3_31

Multivariate correlation analysis technique based on Euclidean distance map for network traffic characterization

Zhiyuan Tan^*, Aruna Jamdagni, Xiangjian He, Priyadarsi Nanda, Ren Ping Liu

^*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference proceeding contribution

4 Citations (Scopus)

Abstract

The quality of feature has significant impact on the performance of detection techniques used for Denial-of-Service (DoS) attack. The features that fail to provide accurate characterization for network traffic records make the techniques suffer from low accuracy in detection. Although researches have been conducted and attempted to overcome this problem, there are some constraints in these works. In this paper, we propose a technique based on Euclidean Distance Map (EDM) for optimal feature extraction. The proposed technique runs analysis on original feature space (first-order statistics) and extracts the multivariate correlations between the first-order statistics. The extracted multivariate correlations, namely second-order statistics, preserve significant discriminative information for accurate characterizations of network traffic records, and these multivariate correlations can be the high-quality potential features for DoS attack detection. The effectiveness of the proposed technique is evaluated using KDD CUP 99 dataset and experimental analysis shows encouraging results.

Original language	English
Title of host publication	Information and communications security
Subtitle of host publication	13th international conference, ICICS 2011, Beijing, China, November 23-26, 2011: proceedings
Editors	Sihan Qing, Willy Susilo, Guilin Wang, Dongmei Liu
Place of Publication	Heidelberg
Publisher	Springer, Springer Nature
Pages	388-398
Number of pages	11
ISBN (Electronic)	9783642252433
ISBN (Print)	9783642252426
DOIs	https://doi.org/10.1007/978-3-642-25243-3_31
Publication status	Published - 2011
Externally published	Yes
Event	13th International Conference on Information and Communications Security, ICICS 2011 - Beijing, China Duration: 23 Nov 2011 → 26 Nov 2011

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer Berlin Heidelberg
Volume	7043
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Other

Other	13th International Conference on Information and Communications Security, ICICS 2011
Country	China
City	Beijing
Period	23/11/11 → 26/11/11

Keywords

characterization
Denial-of-Service attack
Euclidean Distance Map
multivariate correlations
second-order statistics

Access to Document

10.1007/978-3-642-25243-3_31

Link to publication in Scopus

Fingerprint Dive into the research topics of 'Multivariate correlation analysis technique based on Euclidean distance map for network traffic characterization'. Together they form a unique fingerprint.

Cite this

Tan, Z., Jamdagni, A., He, X., Nanda, P., & Liu, R. P. (2011). Multivariate correlation analysis technique based on Euclidean distance map for network traffic characterization. In S. Qing, W. Susilo, G. Wang, & D. Liu (Eds.), Information and communications security: 13th international conference, ICICS 2011, Beijing, China, November 23-26, 2011: proceedings (pp. 388-398). (Lecture Notes in Computer Science; Vol. 7043). Heidelberg: Springer, Springer Nature. https://doi.org/10.1007/978-3-642-25243-3_31

Tan, Zhiyuan ; Jamdagni, Aruna ; He, Xiangjian ; Nanda, Priyadarsi ; Liu, Ren Ping. / Multivariate correlation analysis technique based on Euclidean distance map for network traffic characterization. Information and communications security: 13th international conference, ICICS 2011, Beijing, China, November 23-26, 2011: proceedings. editor / Sihan Qing ; Willy Susilo ; Guilin Wang ; Dongmei Liu. Heidelberg : Springer, Springer Nature, 2011. pp. 388-398 (Lecture Notes in Computer Science).

@inproceedings{dbfb48acbdcd459ca9e530c87bcea0e0,

title = "Multivariate correlation analysis technique based on Euclidean distance map for network traffic characterization",

abstract = "The quality of feature has significant impact on the performance of detection techniques used for Denial-of-Service (DoS) attack. The features that fail to provide accurate characterization for network traffic records make the techniques suffer from low accuracy in detection. Although researches have been conducted and attempted to overcome this problem, there are some constraints in these works. In this paper, we propose a technique based on Euclidean Distance Map (EDM) for optimal feature extraction. The proposed technique runs analysis on original feature space (first-order statistics) and extracts the multivariate correlations between the first-order statistics. The extracted multivariate correlations, namely second-order statistics, preserve significant discriminative information for accurate characterizations of network traffic records, and these multivariate correlations can be the high-quality potential features for DoS attack detection. The effectiveness of the proposed technique is evaluated using KDD CUP 99 dataset and experimental analysis shows encouraging results.",

keywords = "characterization, Denial-of-Service attack, Euclidean Distance Map, multivariate correlations, second-order statistics",

author = "Zhiyuan Tan and Aruna Jamdagni and Xiangjian He and Priyadarsi Nanda and Liu, {Ren Ping}",

year = "2011",

doi = "10.1007/978-3-642-25243-3_31",

language = "English",

isbn = "9783642252426",

series = "Lecture Notes in Computer Science",

publisher = "Springer, Springer Nature",

pages = "388--398",

editor = "Sihan Qing and Willy Susilo and Guilin Wang and Dongmei Liu",

booktitle = "Information and communications security",

address = "United States",

}

Tan, Z, Jamdagni, A, He, X, Nanda, P & Liu, RP 2011, Multivariate correlation analysis technique based on Euclidean distance map for network traffic characterization. in S Qing, W Susilo, G Wang & D Liu (eds), Information and communications security: 13th international conference, ICICS 2011, Beijing, China, November 23-26, 2011: proceedings. Lecture Notes in Computer Science, vol. 7043, Springer, Springer Nature, Heidelberg, pp. 388-398, 13th International Conference on Information and Communications Security, ICICS 2011, Beijing, China, 23/11/11. https://doi.org/10.1007/978-3-642-25243-3_31

Multivariate correlation analysis technique based on Euclidean distance map for network traffic characterization. / Tan, Zhiyuan; Jamdagni, Aruna; He, Xiangjian; Nanda, Priyadarsi; Liu, Ren Ping.

Information and communications security: 13th international conference, ICICS 2011, Beijing, China, November 23-26, 2011: proceedings. ed. / Sihan Qing; Willy Susilo; Guilin Wang; Dongmei Liu. Heidelberg : Springer, Springer Nature, 2011. p. 388-398 (Lecture Notes in Computer Science; Vol. 7043).

Research output: Chapter in Book/Report/Conference proceeding › Conference proceeding contribution

TY - GEN

T1 - Multivariate correlation analysis technique based on Euclidean distance map for network traffic characterization

AU - Tan, Zhiyuan

AU - Jamdagni, Aruna

AU - He, Xiangjian

AU - Nanda, Priyadarsi

AU - Liu, Ren Ping

PY - 2011

Y1 - 2011

N2 - The quality of feature has significant impact on the performance of detection techniques used for Denial-of-Service (DoS) attack. The features that fail to provide accurate characterization for network traffic records make the techniques suffer from low accuracy in detection. Although researches have been conducted and attempted to overcome this problem, there are some constraints in these works. In this paper, we propose a technique based on Euclidean Distance Map (EDM) for optimal feature extraction. The proposed technique runs analysis on original feature space (first-order statistics) and extracts the multivariate correlations between the first-order statistics. The extracted multivariate correlations, namely second-order statistics, preserve significant discriminative information for accurate characterizations of network traffic records, and these multivariate correlations can be the high-quality potential features for DoS attack detection. The effectiveness of the proposed technique is evaluated using KDD CUP 99 dataset and experimental analysis shows encouraging results.

AB - The quality of feature has significant impact on the performance of detection techniques used for Denial-of-Service (DoS) attack. The features that fail to provide accurate characterization for network traffic records make the techniques suffer from low accuracy in detection. Although researches have been conducted and attempted to overcome this problem, there are some constraints in these works. In this paper, we propose a technique based on Euclidean Distance Map (EDM) for optimal feature extraction. The proposed technique runs analysis on original feature space (first-order statistics) and extracts the multivariate correlations between the first-order statistics. The extracted multivariate correlations, namely second-order statistics, preserve significant discriminative information for accurate characterizations of network traffic records, and these multivariate correlations can be the high-quality potential features for DoS attack detection. The effectiveness of the proposed technique is evaluated using KDD CUP 99 dataset and experimental analysis shows encouraging results.

KW - characterization

KW - Denial-of-Service attack

KW - Euclidean Distance Map

KW - multivariate correlations

KW - second-order statistics

UR - http://www.scopus.com/inward/record.url?scp=81055144622&partnerID=8YFLogxK

U2 - 10.1007/978-3-642-25243-3_31

DO - 10.1007/978-3-642-25243-3_31

M3 - Conference proceeding contribution

SN - 9783642252426

T3 - Lecture Notes in Computer Science

SP - 388

EP - 398

BT - Information and communications security

A2 - Qing, Sihan

A2 - Susilo, Willy

A2 - Wang, Guilin

A2 - Liu, Dongmei

PB - Springer, Springer Nature

CY - Heidelberg

ER -

Tan Z, Jamdagni A, He X, Nanda P, Liu RP. Multivariate correlation analysis technique based on Euclidean distance map for network traffic characterization. In Qing S, Susilo W, Wang G, Liu D, editors, Information and communications security: 13th international conference, ICICS 2011, Beijing, China, November 23-26, 2011: proceedings. Heidelberg: Springer, Springer Nature. 2011. p. 388-398. (Lecture Notes in Computer Science). https://doi.org/10.1007/978-3-642-25243-3_31