Denial-of-service attack detection based on multivariate correlation analysis

Zhiyuan Tan; Aruna Jamdagni; Xiangjian He; Priyadarsi Nanda; Ren Ping Liu

doi:10.1007/978-3-642-24965-5_85

Denial-of-service attack detection based on multivariate correlation analysis

Zhiyuan Tan, Aruna Jamdagni, Xiangjian He, Priyadarsi Nanda, Ren Ping Liu

Research output: Chapter in Book/Conference proceeding › Conference contribution › peer-review

45 Citations (Scopus)

Abstract

The reliability and availability of network services are being threatened by the growing number of Denial-of-Service (DoS) attacks. Effective mechanisms for DoS attack detection are demanded. Therefore, we propose a multivariate correlation analysis approach to investigate and extract second-order statistics from the observed network traffic records. These second-order statistics extracted by the proposed analysis approach can provide important correlative information hiding among the features. By making use of this hidden information, the detection accuracy can be significantly enhanced. The effectiveness of the proposed multivariate correlation analysis approach is evaluated on the KDD CUP 99 dataset. The evaluation shows encouraging results with average 99.96% detection rate and 2.08% false positive rate. Comparisons also show that our multivariate correlation analysis based detection approach outperforms some other current researches in detecting DoS attacks.

Original language	English
Title of host publication	Neural Information Processing - 18th International Conference, ICONIP 2011, Proceedings
Pages	756-765
Number of pages	10
Edition	PART 3
DOIs	https://doi.org/10.1007/978-3-642-24965-5_85
Publication status	Published - 2011
Externally published	Yes
Event	18th International Conference on Neural Information Processing, ICONIP 2011 - Shanghai, China Duration: 13 Nov 2011 → 17 Nov 2011

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Number	PART 3
Volume	7064 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	18th International Conference on Neural Information Processing, ICONIP 2011
Country/Territory	China
City	Shanghai
Period	13/11/11 → 17/11/11

Keywords

Anomaly Detection
Denial-of-Service Attack
Euclidean Distance Map
Multivariate Correlations

ASJC Scopus subject areas

Theoretical Computer Science
General Computer Science

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

Access to Document

10.1007/978-3-642-24965-5_85

Cite this

Tan, Z., Jamdagni, A., He, X., Nanda, P., & Liu, R. P. (2011). Denial-of-service attack detection based on multivariate correlation analysis. In Neural Information Processing - 18th International Conference, ICONIP 2011, Proceedings (PART 3 ed., pp. 756-765). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 7064 LNCS, No. PART 3). https://doi.org/10.1007/978-3-642-24965-5_85

Tan, Zhiyuan ; Jamdagni, Aruna ; He, Xiangjian et al. / Denial-of-service attack detection based on multivariate correlation analysis. Neural Information Processing - 18th International Conference, ICONIP 2011, Proceedings. PART 3. ed. 2011. pp. 756-765 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); PART 3).

@inproceedings{42e50f45929245b6a502c5a10c7dec25,

title = "Denial-of-service attack detection based on multivariate correlation analysis",

abstract = "The reliability and availability of network services are being threatened by the growing number of Denial-of-Service (DoS) attacks. Effective mechanisms for DoS attack detection are demanded. Therefore, we propose a multivariate correlation analysis approach to investigate and extract second-order statistics from the observed network traffic records. These second-order statistics extracted by the proposed analysis approach can provide important correlative information hiding among the features. By making use of this hidden information, the detection accuracy can be significantly enhanced. The effectiveness of the proposed multivariate correlation analysis approach is evaluated on the KDD CUP 99 dataset. The evaluation shows encouraging results with average 99.96% detection rate and 2.08% false positive rate. Comparisons also show that our multivariate correlation analysis based detection approach outperforms some other current researches in detecting DoS attacks.",

keywords = "Anomaly Detection, Denial-of-Service Attack, Euclidean Distance Map, Multivariate Correlations",

author = "Zhiyuan Tan and Aruna Jamdagni and Xiangjian He and Priyadarsi Nanda and Liu, {Ren Ping}",

year = "2011",

doi = "10.1007/978-3-642-24965-5_85",

language = "English",

isbn = "9783642249648",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

number = "PART 3",

pages = "756--765",

booktitle = "Neural Information Processing - 18th International Conference, ICONIP 2011, Proceedings",

edition = "PART 3",

note = "18th International Conference on Neural Information Processing, ICONIP 2011 ; Conference date: 13-11-2011 Through 17-11-2011",

}

Tan, Z, Jamdagni, A, He, X, Nanda, P & Liu, RP 2011, Denial-of-service attack detection based on multivariate correlation analysis. in Neural Information Processing - 18th International Conference, ICONIP 2011, Proceedings. PART 3 edn, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), no. PART 3, vol. 7064 LNCS, pp. 756-765, 18th International Conference on Neural Information Processing, ICONIP 2011, Shanghai, China, 13/11/11. https://doi.org/10.1007/978-3-642-24965-5_85

Denial-of-service attack detection based on multivariate correlation analysis. / Tan, Zhiyuan; Jamdagni, Aruna; He, Xiangjian et al.
Neural Information Processing - 18th International Conference, ICONIP 2011, Proceedings. PART 3. ed. 2011. p. 756-765 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 7064 LNCS, No. PART 3).

Research output: Chapter in Book/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Denial-of-service attack detection based on multivariate correlation analysis

AU - Tan, Zhiyuan

AU - Jamdagni, Aruna

AU - He, Xiangjian

AU - Nanda, Priyadarsi

AU - Liu, Ren Ping

PY - 2011

Y1 - 2011

N2 - The reliability and availability of network services are being threatened by the growing number of Denial-of-Service (DoS) attacks. Effective mechanisms for DoS attack detection are demanded. Therefore, we propose a multivariate correlation analysis approach to investigate and extract second-order statistics from the observed network traffic records. These second-order statistics extracted by the proposed analysis approach can provide important correlative information hiding among the features. By making use of this hidden information, the detection accuracy can be significantly enhanced. The effectiveness of the proposed multivariate correlation analysis approach is evaluated on the KDD CUP 99 dataset. The evaluation shows encouraging results with average 99.96% detection rate and 2.08% false positive rate. Comparisons also show that our multivariate correlation analysis based detection approach outperforms some other current researches in detecting DoS attacks.

AB - The reliability and availability of network services are being threatened by the growing number of Denial-of-Service (DoS) attacks. Effective mechanisms for DoS attack detection are demanded. Therefore, we propose a multivariate correlation analysis approach to investigate and extract second-order statistics from the observed network traffic records. These second-order statistics extracted by the proposed analysis approach can provide important correlative information hiding among the features. By making use of this hidden information, the detection accuracy can be significantly enhanced. The effectiveness of the proposed multivariate correlation analysis approach is evaluated on the KDD CUP 99 dataset. The evaluation shows encouraging results with average 99.96% detection rate and 2.08% false positive rate. Comparisons also show that our multivariate correlation analysis based detection approach outperforms some other current researches in detecting DoS attacks.

KW - Anomaly Detection

KW - Denial-of-Service Attack

KW - Euclidean Distance Map

KW - Multivariate Correlations

UR - http://www.scopus.com/inward/record.url?scp=81855220824&partnerID=8YFLogxK

U2 - 10.1007/978-3-642-24965-5_85

DO - 10.1007/978-3-642-24965-5_85

M3 - Conference contribution

AN - SCOPUS:81855220824

SN - 9783642249648

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 756

EP - 765

BT - Neural Information Processing - 18th International Conference, ICONIP 2011, Proceedings

T2 - 18th International Conference on Neural Information Processing, ICONIP 2011

Y2 - 13 November 2011 through 17 November 2011

ER -

Tan Z, Jamdagni A, He X, Nanda P, Liu RP. Denial-of-service attack detection based on multivariate correlation analysis. In Neural Information Processing - 18th International Conference, ICONIP 2011, Proceedings. PART 3 ed. 2011. p. 756-765. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); PART 3). doi: 10.1007/978-3-642-24965-5_85

Denial-of-service attack detection based on multivariate correlation analysis

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

UN SDGs

Access to Document

Other files and links

Fingerprint

Cite this