| 基于混合深度学习的多类型低速率DDoS攻击检测方法 |
| |
| 作者姓名: | 李丽娟 李曼 毕红军 周华春 |
| |
| 作者单位: | 北京交通大学,北京 100044 |
| |
| 基金项目: | 国家重点研发计划(2018YFA0701604) |
| |
| 摘 要: | 低速率分布式拒绝服务攻击针对网络协议自适应机制中的漏洞实施攻击,对网络服务质量造成了巨大威胁,具有隐蔽性强、攻击速率低和周期性的特点.现有检测方法存在检测类型单一和识别精度低的问题,因此提出了一种基于混合深度学习的多类型低速率DDoS攻击检测方法.模拟不同类型的低速率DDoS攻击和5G环境下不同场景的正常流量,在网络入...
|
| 关 键 词: | 多类型 低速率DDoS攻击 混合深度学习 特征分析 攻击检测 |
Multi-type low-rate DDoS attack detection method based on hybrid deep learning |
| |
| Authors: | Lijuan LI Man LI Hongjun BI Huachun ZHOU |
| |
| Affiliation: | Beijing Jiaotong University, Beijing 100044, China |
| |
| Abstract: | Low-Rate distributed denial of service (DDoS) attack attacks the vulnerabilities in the adaptive mechanism of network protocols, posing a huge threat to the quality of network services.Low-Rate DDoS attack was characterized by high secrecy, low attack rate, and periodicity.Existing detection methods have the problems of single detection type and low identification accuracy.In order to solve them, a multi-type low-rate DDoS attack detection method based on hybrid deep learning was proposed.Different types of low-rate DDoS attacks and normal traffic in different scenarios under 5G environment were simulated.Traffic was collected at the network entrance and its traffic characteristic information was extracted to obtain multiple types of low-rate DDoS attack data sets.From the perspective of statistical threshold and feature engineering, the characteristics of different types of low-rate DDoS attacks were analyzed respectively, and the effective feature set of 40-dimension low-rate DDoS attacks was obtained.CNN-RF hybrid deep learning algorithm was used for offline training based on the effective feature set, and the performance of this algorithm was compared with LSTM-Light GBM and LSTM-RF algorithms.The CNN-RF detection model was deployed on the gateway to realize the online detection of multiple types of low-rate DDoS attacks, and the performance was evaluated by using the newly defined error interception rate and malicious traffic detection rate indexes.The results show that the proposed method can detect four types of low-rate DDoS attacks online, including Slow Headers attack, Slow Body attack, Slow Read attack and Shrew attack, and the error interception rate reaches 11.03% in 120 s time window.The detection rate of malicious traffic reaches 96.22%.It can be judged by the results that the proposed method can significantly reduce the intensity of low-rate DDoS attack traffic at the network entrance, and can be deployed and applied in the actual environment. |
| |
| Keywords: | multi-type low-rate DDoS attack hybrid deep learning feature analysis attack detection |
|
| 点击此处可从《》浏览原始摘要信息 |
|
点击此处可从《》下载全文 |
|
