DoS Attack Detection System Using Multivariate Correlation Analysis (MCA) and Classification Techniques

Authors

  • M. Ramya Tanaya, Computer Science and Engineering, V.R Siddhartha Engineering College, Student, Vijayawada, Andhra Pradesh, India
  • K. Eswar, Computer Science and Engineering, V.R Siddhartha Engineering College, Assistant Professor, Vijayawada, Andhra Pradesh, India

Keywords:

Denial of Service Attacks, Multivariate Correlation, Classification Rules, Intrusion Prevention Systems, Internet Service Provider.

Abstract

Denial-of-Service (DoS) attacks have a serious impact on computing systems. To detect the common, specific operations of denial-of-service attacks, including distributed attacks in networks, recent work uses Multivariate Correlation Analysis (MCA) for accurate network traffic characterization by extracting the geometrical correlations between network traffic features. Our MCA-based DoS attack detection system employs the principle of anomaly-based detection in attack recognition. This makes our solution capable of detecting known and unknown DoS attacks effectively by learning the patterns of legitimate network traffic only. A sudden increase in traffic can cause the server to offer degraded performance. The MyDoom devastation on Microsoft and WikiLeaks' encounter with DoS barrages are some examples that highlight the impact, and other major Internet players like Amazon, CNN, and Yahoo are no exception. Early discovery of these attacks, although challenging, is necessary to protect the victim server's network infrastructure resources. Although previous intrusion prevention systems like MCA are efficient in thwarting DoS, their architecture is based on ISP collaboration and virtual protection rings. We propose an IPS rules (classification rules) driven DoS detection approach that checks various parts of a data packet and not just the header. This enables the detection system to eliminate other forms of DoS attacks, such as the Slow Read DoS attack. Its effectiveness and low overhead, as well as its support for incremental deployment in real networks, are demonstrated.

Published

2017-10-31

Section

Research Articles

How to Cite

M. Ramya Tanaya, K. Eswar, "DoS Attack Detection System Using Multivariate Correlation Analysis (MCA) and Classification Techniques", International Journal of Scientific Research in Computer Science, Engineering and Information Technology (IJSRCSEIT), ISSN: 2456-3307, Volume 2, Issue 5, pp. 630-635, September-October 2017.