
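ICMPv6 DDoS Attack Detection Method Based on Information Entropy and LSTM
Cite this article: JIANG Kui, QIU Yuandong, ZHENG Haocheng. ICMPv6 DDoS Attack Detection Method Based on Information Entropy and LSTM[J]. Computer Engineering and Applications, 2021, 57(21): 148-154. DOI: 10.3778/j.issn.1002-8331.2007-0256
Authors: JIANG Kui, QIU Yuandong, ZHENG Haocheng
Affiliation: 1. Information Center, Shenzhen University, Shenzhen, Guangdong 518000; 2. College of Electronics and Information Engineering, Shenzhen University, Shenzhen, Guangdong 518000
Abstract: As the basic supporting protocol for IPv6 network operation, ICMPv6 (Internet Control Message Protocol version 6) is an important part of defending against IPv6 DDoS (Distributed Denial of Service) attacks. Based on an analysis of the current state of ICMPv6 DDoS attack detection in China and abroad, this paper proposes a dual detection method that combines information entropy with a Long Short-Term Memory (LSTM) network. The method first uses preliminary detection based on information entropy to effectively identify abnormal traffic, and then confirms the abnormal traffic with deep detection based on an improved LSTM network. Simulation experiments show that the method identifies ICMPv6 DDoS attacks with an accuracy above 95%, which is higher than that of commonly used detection methods. Compared with a detection method based on LSTM alone, it also shortens detection time by more than 50% and has better performance.

Keywords: distributed denial of service attack; attack detection; ICMPv6; information entropy; long short-term memory network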

ICMPv6 DDoS Attack Detection Method Based on Information Entropy and LSTM
JIANG Kui,QIU Yuandong,ZHENG Haocheng. ICMPv6 DDoS Attack Detection Method Based on Information Entropy and LSTM[J]. Computer Engineering and Applications, 2021, 57(21): 148-154. DOI: 10.3778/j.issn.1002-8331.2007-0256
Authors: JIANG Kui, QIU Yuandong, ZHENG Haocheng
Affiliation: 1. Information Center, Shenzhen University, Shenzhen, Guangdong 518000, China; 2. College of Electronics and Information Engineering, Shenzhen University, Shenzhen, Guangdong 518000, China
Abstract: As the basic supporting protocol for IPv6 network operation, the ICMPv6 protocol is an important part of IPv6 DDoS attack defense. Based on an analysis of the current status of ICMPv6 DDoS attack detection at home and abroad, this paper proposes a dual detection method based on the combination of information entropy and Long Short-Term Memory (LSTM). This method can effectively identify abnormal traffic through preliminary detection based on information entropy, and then confirm the abnormal traffic through deep detection based on the improved LSTM neural network. Simulation experiments show that the accuracy of this method for identifying ICMPv6 DDoS attacks can reach more than 95%. Compared with the commonly used detection methods, the accuracy of this method is higher. At the same time, compared with the detection method based only on LSTM, this method shortens the detection time by more than 50% and has better performance.
Keywords: distributed denial of service attack; attack detection; ICMPv6; information entropy; long short-term memory
This article is indexed in Wanfang Data and other databases.