Denial-Of-Service Attack Detection Based On Multivariate Correlation Analysis and Triangle Area Map Generation

In computing, a denial-of-service (DoS) is an attempt to make a machine or network resource unavailable to its intended users. A DoS attack generally consists of efforts to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet. Perpetrators of DoS attacks typically target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even root name servers. Systems like Web servers, database servers, cloud computing servers etc. are very vulnerable to be attacked by network hackers. Denial-of-Service (DoS) attacks cause disastrous effects on these computing systems. In this paper, a detection system is proposed that detects DoS attacks by using the technique of Multivariate Correlation Analysis (MCA). The technique of MCA is used for accurate network traffic characterization by extracting the geometrical correlations between network traffic features. For attack recognition, proposed system uses the principle of anomaly-based detection. The use of this principle makes it easier for detecting known and unknown DoS attacks effectively by learning the patterns of legitimate network traffic only.