Denial-of-service attack detection based on multivariate correlation analysis

Zhiyuan Tan, Aruna Jamdagni, Xiangjian He, Priyadarsi Nanda, Ren Ping Liu

    Research output: Chapter in Book/Report/Conference proceedingChapterAcademicpeer-review

    29 Citations (Scopus)
    41 Downloads (Pure)


    The reliability and availability of network services are being threatened by the growing number of Denial-of-Service (DoS) attacks. Effective mechanisms for DoS attack detection are demanded. Therefore, we propose a multivariate correlation analysis approach to investigate and extract second-order statistics from the observed network traffic records. These second-order statistics extracted by the proposed analysis approach can provide important correlative information hiding among the features. By making use of this hidden information, the detection accuracy can be significantly enhanced. The effectiveness of the proposed multivariate correlation analysis approach is evaluated on the KDD CUP 99 dataset. The evaluation shows encouraging results with average 99.96% detection rate and 2.08% false positive rate. Comparisons also show that our multivariate correlation analysis based detection approach outperforms some other current researches in detecting DoS attacks.
    Original languageUndefined
    Title of host publicationNeural Information Processing
    EditorsBao-Liang Lu, Liqing Zhang, James Kwok
    Place of PublicationBerlin
    Number of pages10
    Publication statusPublished - Nov 2011

    Publication series

    NameLecture Notes in Computer Science
    PublisherSpringer Verlag
    ISSN (Print)0302-9743


    • SCS-Cybersecurity
    • EWI-25313
    • Multivariate Correlations
    • Denial-of-Service Attack
    • Euclidean Distance Map
    • Anomaly Detection
    • IR-92852

    Cite this

    Tan, Z., Jamdagni, A., He, X., Nanda, P., & Liu, R. P. (2011). Denial-of-service attack detection based on multivariate correlation analysis. In B-L. Lu, L. Zhang, & J. Kwok (Eds.), Neural Information Processing (pp. 756-765). (Lecture Notes in Computer Science; Vol. 7064). Berlin: Springer.