TY - GEN
T1 - Multivariate correlation analysis technique based on Euclidean distance map for network traffic characterization
AU - Tan, Zhiyuan
AU - Jamdagni, Aruna
AU - He, Xiangjian
AU - Nanda, Priyadarsi
AU - Liu, Ren Ping
PY - 2011
Y1 - 2011
N2 - The quality of features has a significant impact on the performance of detection techniques used for Denial-of-Service (DoS) attacks. Features that fail to provide accurate characterization of network traffic records cause these techniques to suffer from low detection accuracy. Although research has been conducted to overcome this problem, these works have some constraints. In this paper, we propose a technique based on the Euclidean Distance Map (EDM) for optimal feature extraction. The proposed technique runs analysis on the original feature space (first-order statistics) and extracts the multivariate correlations between the first-order statistics. The extracted multivariate correlations, namely second-order statistics, preserve significant discriminative information for accurate characterization of network traffic records, and these multivariate correlations can serve as high-quality potential features for DoS attack detection. The effectiveness of the proposed technique is evaluated using the KDD CUP 99 dataset, and experimental analysis shows encouraging results.
AB - The quality of features has a significant impact on the performance of detection techniques used for Denial-of-Service (DoS) attacks. Features that fail to provide accurate characterization of network traffic records cause these techniques to suffer from low detection accuracy. Although research has been conducted to overcome this problem, these works have some constraints. In this paper, we propose a technique based on the Euclidean Distance Map (EDM) for optimal feature extraction. The proposed technique runs analysis on the original feature space (first-order statistics) and extracts the multivariate correlations between the first-order statistics. The extracted multivariate correlations, namely second-order statistics, preserve significant discriminative information for accurate characterization of network traffic records, and these multivariate correlations can serve as high-quality potential features for DoS attack detection. The effectiveness of the proposed technique is evaluated using the KDD CUP 99 dataset, and experimental analysis shows encouraging results.
KW - Characterization
KW - Denial-of-Service Attack
KW - Euclidean Distance Map
KW - Multivariate Correlations
KW - Second-order Statistics
UR - http://www.scopus.com/inward/record.url?scp=81055144622&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-25243-3_31
DO - 10.1007/978-3-642-25243-3_31
M3 - Conference contribution
AN - SCOPUS:81055144622
SN - 9783642252426
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 388
EP - 398
BT - Information and Communications Security - 13th International Conference, ICICS 2011, Proceedings
T2 - 13th International Conference on Information and Communications Security, ICICS 2011
Y2 - 23 November 2011 through 26 November 2011
ER -