| 基于地址相关度的分布式拒绝服务攻击检测方法 |
| |
| 引用本文: | 程杰仁,殷建平,刘运,蔡志平,李敏.基于地址相关度的分布式拒绝服务攻击检测方法[J].计算机研究与发展,2009,46(8). |
| |
| 作者姓名: | 程杰仁 殷建平 刘运 蔡志平 李敏 |
| |
| 作者单位: | 1. 国防科学技术大学计算机学院,长沙,410073;湘南学院数学系,湖南郴州,423000
2. 国防科学技术大学计算机学院,长沙,410073 |
| |
| 基金项目: | 国家自然科学基金项目,湖南省教育厅资助项目,湖南省自然科学基金项目,公安部应用创新计划基金项目 |
| |
| 摘 要: | 分布式拒绝服务(DDoS)攻击检测是网络安全领域的研究热点.对DDoS攻击的研究进展及其特点进行了详细分析,针对DDoS攻击流的流量突发性、流非对称性、源IP地址分布性和目标IP地址集中性等本质特征提出了网络流的地址相关度(ACV)的概念.为了充分利用ACV,提高方法的检测质量,提出了基于ACV的DDoS攻击检测方法,通过自回归模型的参数拟合将ACV时间序列变换为多维空间内的AR模型参数向量序列来描述网络流状态特征,采用支持向量机分类器对当前网络流状态进行分类以识别DDoS攻击.实验结果表明,该检测方法能够有效地检测DDoS攻击,降低误报率.
|
| 关 键 词: | 网络安全 分布式拒绝服务攻击 地址相关度 自回归模型 支持向量机 |
Detecting Distributed Denial of Service Attack Based on Address Correlation Value |
| |
| Cheng Jieren,Yin Jianping,Liu Yun,Cai Zhiping,Li Min.Detecting Distributed Denial of Service Attack Based on Address Correlation Value[J].Journal of Computer Research and Development,2009,46(8). |
| |
| Authors: | Cheng Jieren Yin Jianping Liu Yun Cai Zhiping Li Min |
| |
| Affiliation: | College of Computer;National University of Defense Technology;Changsha 410073;Department of Mathematics;Xiangnan University;Chenzhou;Hunan 423000 |
| |
| Abstract: | Detecting distributed denial of service(DDoS) attacks is currently a hot topic in the network security field.The characteristics of DDoS attacks and the existing methods to detect DDoS attacks are analyzed,and a novel detection scheme for DDoS attacks based on address correlation value(ACV) is proposed.ACV is designed to reflect the essential features of DDoS attacks,such as the abrupt traffic change,flow dissymmetry,distributed source IP addresses and concentrated target IP addresses.To increase the detect... |
| |
| Keywords: | network security distributed denial of service attack address correlation value autoregressive model support vector machine |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
