| 非参数PCUSUM算法DDoS攻击检测 |
| |
| 引用本文: | 莫家庆,胡忠望,林瑜华.非参数PCUSUM算法DDoS攻击检测[J].计算机工程与应用,2011,47(22):96-98. |
| |
| 作者姓名: | 莫家庆 胡忠望 林瑜华 |
| |
| 作者单位: | 1.广东肇庆学院 计算机学院,广东 肇庆 526061 2.广东肇庆学院 教育技术与计算机中心,广东 肇庆 526061 |
| |
| 基金项目: | 广东省高等学校人才引进专项资金项目No.2010-343~~ |
| |
| 摘 要: | 针对DDoS攻击时受害端中报文段未确认率急剧变化的特点,提出一种有效的DDoS攻击检测方法,以达到在保证告警正确性的前提下缩短检测时间的目的。在受害端对TCP网络流进行检测,在每个时间间隔内统计未确认的报文段数量与总报文段的比率,并在下一时间间隔内对上一时间间隔的序列值进行修正,得到更准确的检测序列值,再运用非参数递归PCUSUM算法检测DDoS攻击。实验结果表明,该方法与CUSUM算法相比,具有更高的检测准确性和更快的检测速度。
|
| 关 键 词: | DDoS攻击 PCUSUM算法 受害端检测 未确认报文段 |
| 修稿时间: | |
DDoS attack detection based on non-parameter PCUSUM algorithm |
| |
| MO Jiaqing,HU Zhongwang,LIN Yuhua.DDoS attack detection based on non-parameter PCUSUM algorithm[J].Computer Engineering and Applications,2011,47(22):96-98. |
| |
| Authors: | MO Jiaqing HU Zhongwang LIN Yuhua |
| |
| Affiliation: | 1.College of Computer,Zhaoqing University,Zhaoqing,Guangdong 526061,China 2.Center of Education and Computer,Zhaoqing University,Zhaoqing,Guangdong 526061,China |
| |
| Abstract: | The paper aims at the sharp change of ratio of unacknowledged packets in victim end,presents an effective method of DDoS attack detection which can shorten the detection time on the premise of guarantee alarm correctness.Detecting TCP network flow at the victim end,in every time intervals the ratio of unacknowledged packets quantity and total packets is caculated,and in next time intervals the sequence value of last time intervalis is revised,and more accurate detecting sequence value is gotten.The non-parameter recursion PCUSUM algorithm is used to detect DDoS attack.Simulation experiment shows that the method has higher detection accuracy and can improve the rate of detection. |
| |
| Keywords: | DDoS attack PCUSUM algorithm detection in victim end unacknowledged packets
|
| 本文献已被 CNKI 维普 等数据库收录! |
| 点击此处可从《计算机工程与应用》浏览原始摘要信息 |
|
点击此处可从《计算机工程与应用》下载全文 |
