Evaluation on multivariate correlation analysis based denial-of-service attack detection system

Zhiyuan Tan; Aruna Jamdagni; Priyadarsi Nanda; Xiangjian He; Ren Ping Liu

doi:10.1145/2490428.2490450

Evaluation on multivariate correlation analysis based denial-of-service attack detection system

Zhiyuan Tan, Aruna Jamdagni, Priyadarsi Nanda, Xiangjian He, Ren Ping Liu

Research output: Chapter in Book/Conference proceeding › Conference contribution › peer-review

1 Citation (Scopus)

Abstract

In this paper, a Denial-of-Service (DoS) attack detection system is explored, where a multivariate correlation analysis technique based on Euclidean distance is applied for network traffic characterization and the principal of anomaly-based detection is employed in attack recognition. The effectiveness of the detection system is evaluated on the KDD Cup 99 dataset and the influence of data normalization on the performance of attack detection is analyzed in this paper as well. The evaluation results and comparisons prove that the detection system is effective in distinguishing DoS attack network traffic from legitimate network traffic and outperforms two state-of-the-art systems.

Original language	English
Title of host publication	Proceedings - 1st International Conference on Security of Internet of Things, SecurIT 2012
Pages	160-164
Number of pages	5
DOIs	https://doi.org/10.1145/2490428.2490450
Publication status	Published - 2012
Externally published	Yes
Event	1st International Conference on Security of Internet of Things, SecurIT 2012 - Kerala, India Duration: 17 Aug 2012 → 19 Aug 2012

Publication series

Name	ACM International Conference Proceeding Series

Conference

Conference	1st International Conference on Security of Internet of Things, SecurIT 2012
Country/Territory	India
City	Kerala
Period	17/08/12 → 19/08/12

Keywords

Denial-of-service attack
Euclidean distance
Multivariate correlations
Network traffic characterization

ASJC Scopus subject areas

Software
Human-Computer Interaction
Computer Vision and Pattern Recognition
Computer Networks and Communications

Access to Document

10.1145/2490428.2490450

Cite this

@inproceedings{43bd62c8d63644eaa7200efc7c6da9f8,

title = "Evaluation on multivariate correlation analysis based denial-of-service attack detection system",

abstract = "In this paper, a Denial-of-Service (DoS) attack detection system is explored, where a multivariate correlation analysis technique based on Euclidean distance is applied for network traffic characterization and the principal of anomaly-based detection is employed in attack recognition. The effectiveness of the detection system is evaluated on the KDD Cup 99 dataset and the influence of data normalization on the performance of attack detection is analyzed in this paper as well. The evaluation results and comparisons prove that the detection system is effective in distinguishing DoS attack network traffic from legitimate network traffic and outperforms two state-of-the-art systems.",

keywords = "Denial-of-service attack, Euclidean distance, Multivariate correlations, Network traffic characterization",

author = "Zhiyuan Tan and Aruna Jamdagni and Priyadarsi Nanda and Xiangjian He and Liu, {Ren Ping}",

year = "2012",

doi = "10.1145/2490428.2490450",

language = "English",

isbn = "9781450318228",

series = "ACM International Conference Proceeding Series",

pages = "160--164",

booktitle = "Proceedings - 1st International Conference on Security of Internet of Things, SecurIT 2012",

note = "1st International Conference on Security of Internet of Things, SecurIT 2012 ; Conference date: 17-08-2012 Through 19-08-2012",

}

Tan, Z, Jamdagni, A, Nanda, P, He, X & Liu, RP 2012, Evaluation on multivariate correlation analysis based denial-of-service attack detection system. in Proceedings - 1st International Conference on Security of Internet of Things, SecurIT 2012. ACM International Conference Proceeding Series, pp. 160-164, 1st International Conference on Security of Internet of Things, SecurIT 2012, Kerala, India, 17/08/12. https://doi.org/10.1145/2490428.2490450

Evaluation on multivariate correlation analysis based denial-of-service attack detection system. / Tan, Zhiyuan; Jamdagni, Aruna; Nanda, Priyadarsi et al.
Proceedings - 1st International Conference on Security of Internet of Things, SecurIT 2012. 2012. p. 160-164 (ACM International Conference Proceeding Series).

Research output: Chapter in Book/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Evaluation on multivariate correlation analysis based denial-of-service attack detection system

AU - Tan, Zhiyuan

AU - Jamdagni, Aruna

AU - Nanda, Priyadarsi

AU - He, Xiangjian

AU - Liu, Ren Ping

PY - 2012

Y1 - 2012

N2 - In this paper, a Denial-of-Service (DoS) attack detection system is explored, where a multivariate correlation analysis technique based on Euclidean distance is applied for network traffic characterization and the principal of anomaly-based detection is employed in attack recognition. The effectiveness of the detection system is evaluated on the KDD Cup 99 dataset and the influence of data normalization on the performance of attack detection is analyzed in this paper as well. The evaluation results and comparisons prove that the detection system is effective in distinguishing DoS attack network traffic from legitimate network traffic and outperforms two state-of-the-art systems.

AB - In this paper, a Denial-of-Service (DoS) attack detection system is explored, where a multivariate correlation analysis technique based on Euclidean distance is applied for network traffic characterization and the principal of anomaly-based detection is employed in attack recognition. The effectiveness of the detection system is evaluated on the KDD Cup 99 dataset and the influence of data normalization on the performance of attack detection is analyzed in this paper as well. The evaluation results and comparisons prove that the detection system is effective in distinguishing DoS attack network traffic from legitimate network traffic and outperforms two state-of-the-art systems.

KW - Denial-of-service attack

KW - Euclidean distance

KW - Multivariate correlations

KW - Network traffic characterization

UR - http://www.scopus.com/inward/record.url?scp=84879820964&partnerID=8YFLogxK

U2 - 10.1145/2490428.2490450

DO - 10.1145/2490428.2490450

M3 - Conference contribution

AN - SCOPUS:84879820964

SN - 9781450318228

T3 - ACM International Conference Proceeding Series

SP - 160

EP - 164

BT - Proceedings - 1st International Conference on Security of Internet of Things, SecurIT 2012

T2 - 1st International Conference on Security of Internet of Things, SecurIT 2012

Y2 - 17 August 2012 through 19 August 2012

ER -

Evaluation on multivariate correlation analysis based denial-of-service attack detection system

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this