Multivariate correlation analysis technique based on Euclidean distance map for network traffic characterization

Zhiyuan Tan*, Aruna Jamdagni, Xiangjian He, Priyadarsi Nanda, Ren Ping Liu

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contribution

4 Citations (Scopus)

Abstract

The quality of feature has significant impact on the performance of detection techniques used for Denial-of-Service (DoS) attack. The features that fail to provide accurate characterization for network traffic records make the techniques suffer from low accuracy in detection. Although researches have been conducted and attempted to overcome this problem, there are some constraints in these works. In this paper, we propose a technique based on Euclidean Distance Map (EDM) for optimal feature extraction. The proposed technique runs analysis on original feature space (first-order statistics) and extracts the multivariate correlations between the first-order statistics. The extracted multivariate correlations, namely second-order statistics, preserve significant discriminative information for accurate characterizations of network traffic records, and these multivariate correlations can be the high-quality potential features for DoS attack detection. The effectiveness of the proposed technique is evaluated using KDD CUP 99 dataset and experimental analysis shows encouraging results.

Original languageEnglish
Title of host publicationInformation and communications security
Subtitle of host publication13th international conference, ICICS 2011, Beijing, China, November 23-26, 2011: proceedings
EditorsSihan Qing, Willy Susilo, Guilin Wang, Dongmei Liu
Place of PublicationHeidelberg
PublisherSpringer, Springer Nature
Pages388-398
Number of pages11
ISBN (Electronic)9783642252433
ISBN (Print)9783642252426
DOIs
Publication statusPublished - 2011
Externally publishedYes
Event13th International Conference on Information and Communications Security, ICICS 2011 - Beijing, China
Duration: 23 Nov 201126 Nov 2011

Publication series

NameLecture Notes in Computer Science
PublisherSpringer Berlin Heidelberg
Volume7043
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other13th International Conference on Information and Communications Security, ICICS 2011
CountryChina
CityBeijing
Period23/11/1126/11/11

Keywords

  • characterization
  • Denial-of-Service attack
  • Euclidean Distance Map
  • multivariate correlations
  • second-order statistics

Fingerprint Dive into the research topics of 'Multivariate correlation analysis technique based on Euclidean distance map for network traffic characterization'. Together they form a unique fingerprint.

Cite this