Multivariate statistical analysis for network attacks detection

Guangzhi Qu, Salim Hariri, Mazin Yousif

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

20 Scopus citations

Abstract

Detection and self-protection against viruses, worms, and network attacks is urgently needed to protect network systems and their applications from catastrophic failures. Once a network component is infected by viruses or worms, or becomes a target of network attacks, its operational state shifts from normal to abnormal. An online monitoring mechanism can collect important aspects of network traffic and host data (CPU utilization, memory usage, etc.) that can be effectively used to detect abnormal behaviors caused by attacks. In this paper, we develop an online multivariate analysis algorithm to analyze the behaviors of system resources and network protocols in order to proactively detect network attacks. We have validated the algorithm and shown how it can proactively and accurately detect well-known attacks such as Distributed Denial of Service, SQL Slammer Worm, and Email spam attacks.

Original language: English (US)
Title of host publication: 3rd ACS/IEEE International Conference on Computer Systems and Applications, 2005
Pages: 9-14
Number of pages: 6
State: Published - 2005
Event: 3rd ACS/IEEE International Conference on Computer Systems and Applications, 2005 - Cairo, Egypt
Duration: Jan 3 2005 - Jan 6 2005

Publication series

Name: 3rd ACS/IEEE International Conference on Computer Systems and Applications, 2005
Volume: 2005

Other

Other: 3rd ACS/IEEE International Conference on Computer Systems and Applications, 2005
Country/Territory: Egypt
City: Cairo
Period: 1/3/05 - 1/6/05

ASJC Scopus subject areas

  • General Engineering
