TY - GEN
T1 - Multivariate statistical analysis for network attacks detection
AU - Qu, Guangzhi
AU - Hariri, Salim
AU - Yousif, Mazin
PY - 2005
Y1 - 2005
N2 - Detection and self-protection against viruses, worms, and network attacks are urgently needed to protect network systems and their applications from catastrophic failures. Once a network component is infected by viruses or worms, or becomes a target of network attacks, its operational state shifts from a normal to an abnormal state. An online monitoring mechanism can collect important aspects of network traffic and host data (CPU utilization, memory usage, etc.) that can be effectively used to detect abnormal behaviors caused by attacks. In this paper, we develop an online multivariate analysis algorithm to analyze the behaviors of system resources and network protocols in order to proactively detect network attacks. We have validated an algorithm and shown how it can proactively and accurately detect well-known attacks such as Distributed Denial of Service, SQL Slammer Worm, and Email spam attacks.
AB - Detection and self-protection against viruses, worms, and network attacks are urgently needed to protect network systems and their applications from catastrophic failures. Once a network component is infected by viruses or worms, or becomes a target of network attacks, its operational state shifts from a normal to an abnormal state. An online monitoring mechanism can collect important aspects of network traffic and host data (CPU utilization, memory usage, etc.) that can be effectively used to detect abnormal behaviors caused by attacks. In this paper, we develop an online multivariate analysis algorithm to analyze the behaviors of system resources and network protocols in order to proactively detect network attacks. We have validated an algorithm and shown how it can proactively and accurately detect well-known attacks such as Distributed Denial of Service, SQL Slammer Worm, and Email spam attacks.
UR - http://www.scopus.com/inward/record.url?scp=33746499095&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=33746499095&partnerID=8YFLogxK
U2 - 10.1109/AICCSA.2005.1387011
DO - 10.1109/AICCSA.2005.1387011
M3 - Conference contribution
AN - SCOPUS:33746499095
SN - 078038735X
SN - 9780780387355
T3 - 3rd ACS/IEEE International Conference on Computer Systems and Applications, 2005
SP - 9
EP - 14
BT - 3rd ACS/IEEE International Conference on Computer Systems and Applications, 2005
T2 - 3rd ACS/IEEE International Conference on Computer Systems and Applications, 2005
Y2 - 3 January 2005 through 6 January 2005
ER -