The main objective is accuracy detection on attack detection while considering the both normalization and non normalization data. In computing systems, the impact of Denial-Of-Service (DOS) attacks is most severe. Detection system for Denial-Of-Service attacks are introduced on basis of multivariate correlation analysis (MCA).Multivariate correlation analysis for network traffic are extracted the geometrical correlation between network features. A triangle based technique is proposed for speed up the multivariate correlation analysis. DoS attack detection mainly focus on the improvement of network-based detection mechanisms. Detection systems are based on some of method monitor traffic transmitting over the confined networks. The proposed approach improves detection accuracy; it is susceptible to attacks that linearly change all monitored features. Mahalanobis distance (MD) was used to extract the correlations between the selected packet payload features. Normalization technique is used to eliminate the partiality from the raw data. Denial-OF-SERVICE (DoS) attacks are one type of aggressive and menacing intrusive behavior to online servers. DoS attacks severely degrade the availability of a victim, which can be a host, a router, or an entire network. They impose intensive computation tasks to the victim by exploiting its system vulnerability or flooding it with huge amount of useless packets. The victim can be forced out of service from a few minutes to even several days. This causes serious damages to the services running on the victim. Therefore, effective detection of DoS attacks is essential to the protection of online services