Denial-of-service attack detection based on multivariate correlation analysis

Zhiyuan Tan, Aruna Jamdagni, Xiangjian He, Priyadarsi Nanda, Ren Ping Liu

    Research output: Chapter in Book/Report/Conference proceedingChapterAcademicpeer-review

    25 Citations (Scopus)
    19 Downloads (Pure)

    Abstract

    The reliability and availability of network services are being threatened by the growing number of Denial-of-Service (DoS) attacks. Effective mechanisms for DoS attack detection are demanded. Therefore, we propose a multivariate correlation analysis approach to investigate and extract second-order statistics from the observed network traffic records. These second-order statistics extracted by the proposed analysis approach can provide important correlative information hiding among the features. By making use of this hidden information, the detection accuracy can be significantly enhanced. The effectiveness of the proposed multivariate correlation analysis approach is evaluated on the KDD CUP 99 dataset. The evaluation shows encouraging results with average 99.96% detection rate and 2.08% false positive rate. Comparisons also show that our multivariate correlation analysis based detection approach outperforms some other current researches in detecting DoS attacks.
    Original languageUndefined
    Title of host publicationNeural Information Processing
    EditorsBao-Liang Lu, Liqing Zhang, James Kwok
    Place of PublicationBerlin
    PublisherSpringer
    Pages756-765
    Number of pages10
    DOIs
    Publication statusPublished - Nov 2011

    Publication series

    NameLecture Notes in Computer Science
    PublisherSpringer Verlag
    Volume7064
    ISSN (Print)0302-9743

    Keywords

    • SCS-Cybersecurity
    • EWI-25313
    • Multivariate Correlations
    • Denial-of-Service Attack
    • Euclidean Distance Map
    • Anomaly Detection
    • IR-92852

    Cite this

    Tan, Z., Jamdagni, A., He, X., Nanda, P., & Liu, R. P. (2011). Denial-of-service attack detection based on multivariate correlation analysis. In B-L. Lu, L. Zhang, & J. Kwok (Eds.), Neural Information Processing (pp. 756-765). (Lecture Notes in Computer Science; Vol. 7064). Berlin: Springer. https://doi.org/10.1007/978-3-642-24965-5_85
    Tan, Zhiyuan ; Jamdagni, Aruna ; He, Xiangjian ; Nanda, Priyadarsi ; Liu, Ren Ping. / Denial-of-service attack detection based on multivariate correlation analysis. Neural Information Processing. editor / Bao-Liang Lu ; Liqing Zhang ; James Kwok. Berlin : Springer, 2011. pp. 756-765 (Lecture Notes in Computer Science).
    @inbook{881a257c8ed340e6949290ca9397afd6,
    title = "Denial-of-service attack detection based on multivariate correlation analysis",
    abstract = "The reliability and availability of network services are being threatened by the growing number of Denial-of-Service (DoS) attacks. Effective mechanisms for DoS attack detection are demanded. Therefore, we propose a multivariate correlation analysis approach to investigate and extract second-order statistics from the observed network traffic records. These second-order statistics extracted by the proposed analysis approach can provide important correlative information hiding among the features. By making use of this hidden information, the detection accuracy can be significantly enhanced. The effectiveness of the proposed multivariate correlation analysis approach is evaluated on the KDD CUP 99 dataset. The evaluation shows encouraging results with average 99.96{\%} detection rate and 2.08{\%} false positive rate. Comparisons also show that our multivariate correlation analysis based detection approach outperforms some other current researches in detecting DoS attacks.",
    keywords = "SCS-Cybersecurity, EWI-25313, Multivariate Correlations, Denial-of-Service Attack, Euclidean Distance Map, Anomaly Detection, IR-92852",
    author = "Zhiyuan Tan and Aruna Jamdagni and Xiangjian He and Priyadarsi Nanda and Liu, {Ren Ping}",
    year = "2011",
    month = "11",
    doi = "10.1007/978-3-642-24965-5_85",
    language = "Undefined",
    series = "Lecture Notes in Computer Science",
    publisher = "Springer",
    pages = "756--765",
    editor = "Bao-Liang Lu and Liqing Zhang and James Kwok",
    booktitle = "Neural Information Processing",

    }

    Tan, Z, Jamdagni, A, He, X, Nanda, P & Liu, RP 2011, Denial-of-service attack detection based on multivariate correlation analysis. in B-L Lu, L Zhang & J Kwok (eds), Neural Information Processing. Lecture Notes in Computer Science, vol. 7064, Springer, Berlin, pp. 756-765. https://doi.org/10.1007/978-3-642-24965-5_85

    Denial-of-service attack detection based on multivariate correlation analysis. / Tan, Zhiyuan; Jamdagni, Aruna; He, Xiangjian; Nanda, Priyadarsi; Liu, Ren Ping.

    Neural Information Processing. ed. / Bao-Liang Lu; Liqing Zhang; James Kwok. Berlin : Springer, 2011. p. 756-765 (Lecture Notes in Computer Science; Vol. 7064).

    Research output: Chapter in Book/Report/Conference proceedingChapterAcademicpeer-review

    TY - CHAP

    T1 - Denial-of-service attack detection based on multivariate correlation analysis

    AU - Tan, Zhiyuan

    AU - Jamdagni, Aruna

    AU - He, Xiangjian

    AU - Nanda, Priyadarsi

    AU - Liu, Ren Ping

    PY - 2011/11

    Y1 - 2011/11

    N2 - The reliability and availability of network services are being threatened by the growing number of Denial-of-Service (DoS) attacks. Effective mechanisms for DoS attack detection are demanded. Therefore, we propose a multivariate correlation analysis approach to investigate and extract second-order statistics from the observed network traffic records. These second-order statistics extracted by the proposed analysis approach can provide important correlative information hiding among the features. By making use of this hidden information, the detection accuracy can be significantly enhanced. The effectiveness of the proposed multivariate correlation analysis approach is evaluated on the KDD CUP 99 dataset. The evaluation shows encouraging results with average 99.96% detection rate and 2.08% false positive rate. Comparisons also show that our multivariate correlation analysis based detection approach outperforms some other current researches in detecting DoS attacks.

    AB - The reliability and availability of network services are being threatened by the growing number of Denial-of-Service (DoS) attacks. Effective mechanisms for DoS attack detection are demanded. Therefore, we propose a multivariate correlation analysis approach to investigate and extract second-order statistics from the observed network traffic records. These second-order statistics extracted by the proposed analysis approach can provide important correlative information hiding among the features. By making use of this hidden information, the detection accuracy can be significantly enhanced. The effectiveness of the proposed multivariate correlation analysis approach is evaluated on the KDD CUP 99 dataset. The evaluation shows encouraging results with average 99.96% detection rate and 2.08% false positive rate. Comparisons also show that our multivariate correlation analysis based detection approach outperforms some other current researches in detecting DoS attacks.

    KW - SCS-Cybersecurity

    KW - EWI-25313

    KW - Multivariate Correlations

    KW - Denial-of-Service Attack

    KW - Euclidean Distance Map

    KW - Anomaly Detection

    KW - IR-92852

    U2 - 10.1007/978-3-642-24965-5_85

    DO - 10.1007/978-3-642-24965-5_85

    M3 - Chapter

    T3 - Lecture Notes in Computer Science

    SP - 756

    EP - 765

    BT - Neural Information Processing

    A2 - Lu, Bao-Liang

    A2 - Zhang, Liqing

    A2 - Kwok, James

    PB - Springer

    CY - Berlin

    ER -

    Tan Z, Jamdagni A, He X, Nanda P, Liu RP. Denial-of-service attack detection based on multivariate correlation analysis. In Lu B-L, Zhang L, Kwok J, editors, Neural Information Processing. Berlin: Springer. 2011. p. 756-765. (Lecture Notes in Computer Science). https://doi.org/10.1007/978-3-642-24965-5_85