Multivariate correlation analysis technique based on Euclidean distance map for network traffic characterization

Authors: Zhiyuan Tan, Aruna Jamdagni, Xiangjian He, Priyadarsi Nanda, Ren Ping Liu

DOI: 10.1007/978-3-642-25243-3_31

Keywords: Euclidean distance map, Multivariate correlation analysis, Characterization (mathematics), Multivariate statistics, Feature (computer vision), Feature extraction, Data mining, Computer science, Discriminative model, Feature vector

Abstract: The quality of features has a significant impact on the performance of detection techniques used for Denial-of-Service (DoS) attacks. Features that fail to provide accurate characterization of network traffic records make these techniques suffer from low accuracy in detection. Although research has been conducted in an attempt to overcome this problem, there are some constraints in these works. In this paper, we propose a technique based on Euclidean Distance Map (EDM) for optimal feature extraction. The proposed technique runs analysis on the original feature space (first-order statistics) and extracts the multivariate correlations between the first-order statistics. The extracted correlations, namely second-order statistics, preserve discriminative information for accurate characterization of network traffic records, and can be high-quality potential features for DoS attack detection. The effectiveness of the technique is evaluated using the KDD CUP 99 dataset, and the experimental analysis shows encouraging results.
