Multivariate statistical analysis for network attacks detection

Guangzhi Qu, Salim A Hariri, Mazin Yousif

Research output: Chapter in Book/Report/Conference proceedingConference contribution

17 Citations (Scopus)

Abstract

Detection and self-protection against viruses, worms, and network attacks is urgently needed to protect network systems and their applications from catastrophic failures. Once a network component is infected by viruses, worms, or became a target of network attacks, its operational state shifts from normal to abnormal state. Online monitoring mechanism can collect important aspects of network traffic and host data (CPU utilization, memory usage, etc.), that can be effectively used to detect abnormal behaviors caused by attacks. In this paper, we develop an online multivariate analysis algorithm to analyze the behaviors of system resources and network protocols in order to proactively detect network attacks. We have validated an algorithm and showed how it can proactively detect accurately well-known attacks such as Distributed Denial of Service, SQL Slammer Worm, and Email spam attacks.

Original languageEnglish (US)
Title of host publication3rd ACS/IEEE International Conference on Computer Systems and Applications, 2005
Pages9-14
Number of pages6
Volume2005
DOIs
StatePublished - 2005
Event3rd ACS/IEEE International Conference on Computer Systems and Applications, 2005 - Cairo, Egypt
Duration: Jan 3 2005Jan 6 2005

Other

Other3rd ACS/IEEE International Conference on Computer Systems and Applications, 2005
CountryEgypt
CityCairo
Period1/3/051/6/05

Fingerprint

Viruses
Statistical methods
Network components
Electronic mail
Program processors
Network protocols
Data storage equipment
Monitoring
Multivariate Analysis

ASJC Scopus subject areas

  • Engineering(all)

Cite this

Qu, G., Hariri, S. A., & Yousif, M. (2005). Multivariate statistical analysis for network attacks detection. In 3rd ACS/IEEE International Conference on Computer Systems and Applications, 2005 (Vol. 2005, pp. 9-14). [1387011] https://doi.org/10.1109/AICCSA.2005.1387011

Multivariate statistical analysis for network attacks detection. / Qu, Guangzhi; Hariri, Salim A; Yousif, Mazin.

3rd ACS/IEEE International Conference on Computer Systems and Applications, 2005. Vol. 2005 2005. p. 9-14 1387011.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Qu, G, Hariri, SA & Yousif, M 2005, Multivariate statistical analysis for network attacks detection. in 3rd ACS/IEEE International Conference on Computer Systems and Applications, 2005. vol. 2005, 1387011, pp. 9-14, 3rd ACS/IEEE International Conference on Computer Systems and Applications, 2005, Cairo, Egypt, 1/3/05. https://doi.org/10.1109/AICCSA.2005.1387011
Qu G, Hariri SA, Yousif M. Multivariate statistical analysis for network attacks detection. In 3rd ACS/IEEE International Conference on Computer Systems and Applications, 2005. Vol. 2005. 2005. p. 9-14. 1387011 https://doi.org/10.1109/AICCSA.2005.1387011
Qu, Guangzhi ; Hariri, Salim A ; Yousif, Mazin. / Multivariate statistical analysis for network attacks detection. 3rd ACS/IEEE International Conference on Computer Systems and Applications, 2005. Vol. 2005 2005. pp. 9-14
@inproceedings{6e1314427df240e9b8ed03fdafb50bb0,
title = "Multivariate statistical analysis for network attacks detection",
abstract = "Detection and self-protection against viruses, worms, and network attacks is urgently needed to protect network systems and their applications from catastrophic failures. Once a network component is infected by viruses, worms, or became a target of network attacks, its operational state shifts from normal to abnormal state. Online monitoring mechanism can collect important aspects of network traffic and host data (CPU utilization, memory usage, etc.), that can be effectively used to detect abnormal behaviors caused by attacks. In this paper, we develop an online multivariate analysis algorithm to analyze the behaviors of system resources and network protocols in order to proactively detect network attacks. We have validated an algorithm and showed how it can proactively detect accurately well-known attacks such as Distributed Denial of Service, SQL Slammer Worm, and Email spam attacks.",
author = "Guangzhi Qu and Hariri, {Salim A} and Mazin Yousif",
year = "2005",
doi = "10.1109/AICCSA.2005.1387011",
language = "English (US)",
isbn = "078038735X",
volume = "2005",
pages = "9--14",
booktitle = "3rd ACS/IEEE International Conference on Computer Systems and Applications, 2005",

}

TY - GEN

T1 - Multivariate statistical analysis for network attacks detection

AU - Qu, Guangzhi

AU - Hariri, Salim A

AU - Yousif, Mazin

PY - 2005

Y1 - 2005

N2 - Detection and self-protection against viruses, worms, and network attacks is urgently needed to protect network systems and their applications from catastrophic failures. Once a network component is infected by viruses, worms, or became a target of network attacks, its operational state shifts from normal to abnormal state. Online monitoring mechanism can collect important aspects of network traffic and host data (CPU utilization, memory usage, etc.), that can be effectively used to detect abnormal behaviors caused by attacks. In this paper, we develop an online multivariate analysis algorithm to analyze the behaviors of system resources and network protocols in order to proactively detect network attacks. We have validated an algorithm and showed how it can proactively detect accurately well-known attacks such as Distributed Denial of Service, SQL Slammer Worm, and Email spam attacks.

AB - Detection and self-protection against viruses, worms, and network attacks is urgently needed to protect network systems and their applications from catastrophic failures. Once a network component is infected by viruses, worms, or became a target of network attacks, its operational state shifts from normal to abnormal state. Online monitoring mechanism can collect important aspects of network traffic and host data (CPU utilization, memory usage, etc.), that can be effectively used to detect abnormal behaviors caused by attacks. In this paper, we develop an online multivariate analysis algorithm to analyze the behaviors of system resources and network protocols in order to proactively detect network attacks. We have validated an algorithm and showed how it can proactively detect accurately well-known attacks such as Distributed Denial of Service, SQL Slammer Worm, and Email spam attacks.

UR - http://www.scopus.com/inward/record.url?scp=33746499095&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=33746499095&partnerID=8YFLogxK

U2 - 10.1109/AICCSA.2005.1387011

DO - 10.1109/AICCSA.2005.1387011

M3 - Conference contribution

AN - SCOPUS:33746499095

SN - 078038735X

SN - 9780780387355

VL - 2005

SP - 9

EP - 14

BT - 3rd ACS/IEEE International Conference on Computer Systems and Applications, 2005

ER -