基于ANN与KPCA的LDoS攻击检测方法

吴志军; 刘亮; 岳猛

doi:10.11959/j.issn.1000-436x.2018073

您当前的位置：

首页 >

文章列表页 >

基于ANN与KPCA的LDoS攻击检测方法

学术论文 | 更新时间：2024-06-05

- 基于ANN与KPCA的LDoS攻击检测方法
- Detection method of LDoS attacks based on combination of ANN ＆ KPCA
- 通信学报 2018年39卷第5期页码：11-22
- 作者机构：
  
  中国民航大学电子信息与自动化学院，天津 300300
- 作者简介：
  
  [ "吴志军（1965-），男，河南固始人，博士，中国民航大学教授、博士生导师，主要研究方向为网络空间安全。" ]
  [ "刘亮（1991-），男，天津人，中国民航大学硕士生，主要研究方向为网络信息安全、低速率拒绝服务攻击的检测。" ]
  [ "岳猛（1984-），男，河北沧州人，博士，中国民航大学讲师，主要研究方向为信息安全、云计算、低速率拒绝服务攻击的检测。" ]
- 基金信息：
  
  国家自然科学基金资助项目(U1533107);天津市自然科学基金资助项目(17JCZDJC30900)
- DOI：10.11959/j.issn.1000-436x.2018073
  中图分类号： TP302
- 网络出版日期：2018-05，
  
  纸质出版日期：2018-05-25
- 稿件说明：
移动端阅览
吴志军, 刘亮, 岳猛. 基于ANN与KPCA的LDoS攻击检测方法[J]. 通信学报, 2018,39(5):11-22.

Zhijun WU, Liang LIU, Meng YUE. Detection method of LDoS attacks based on combination of ANN ＆ KPCA[J]. Journal on communications, 2018, 39(5): 11-22.
吴志军, 刘亮, 岳猛. 基于ANN与KPCA的LDoS攻击检测方法[J]. 通信学报, 2018,39(5):11-22. DOI： 10.11959/j.issn.1000-436x.2018073.

Zhijun WU, Liang LIU, Meng YUE. Detection method of LDoS attacks based on combination of ANN ＆ KPCA[J]. Journal on communications, 2018, 39(5): 11-22. DOI： 10.11959/j.issn.1000-436x.2018073.

摘要

低速率拒绝服务（LDoS

low-rate denial of service）攻击是一种新的面向TCP协议的攻击方式，它具有攻击速率低、隐蔽性强的特点，很难被传统DoS攻击检测措施发现。针对其特点，采用网络大数据分析技术，从路由器队列中挖掘一种LDoS攻击特征，将核主成分分析（KPCA

kernel principal component analysis）方法与神经网络结合，提出一种新的检测LDoS攻击的方法。该方法将路由器队列特征采用KPCA降维，作为神经网络输入，再利用BP神经网络自学习能力生成LDoS分类器，达到检测LDoS攻击的目的。实验结果表明该方法有较好的检测有效性和较低的计算复杂度，对设计防御LDoS攻击的路由器有一些借鉴意义。

Abstract

Low-rate denial-of-service (LDoS) attack is a new type of attack mode for TCP protocol.Characteristics of low average rate and strong concealment make it difficult for detection by traditional DoS detecting methods.According to characteristics of LDoS attacks

a new LDoS queue future was proposed from the router queue

the kernel principal component analysis (KPCA) method was combined with neural network

and a new method was present to detect LDoS attacks.The method reduced the dimensionality of queue feature via KPCA algorithm and made the reduced dimension data as the inputs of neural network.For the good sell-learning ability

BP neural network could generate a great LDoS attack classifier and this classifier was used to detect the attack.Experiment results show that the proposed approach has the characteristics of effectiveness and low algorithm complexity

which helps the design of high performance router.

关键词

Keywords

references

KUZMANOVIC A , KNIGHTLY E W . Low-rate TCP-targeted denial of service attacks -the shrew vsthe mice and elephants [C ] // ACM SIGCOMM . 2003 : 25 - 29 .

KUZMANOVIC A , KNIGHTLY E W . Low-rate TCP-targeted denial of service attacks and counter strategies [J ] . IEEE/ACM Transactions on Networking , 2006 , 14 ( 4 ): 683 - 696 .

何炎祥 , 刘陶 , 曹强 , 等 . 低速率拒绝服务攻击研究综述 [J ] . 计算机科学与探索 , 2008 , 2 ( 1 ): 1 - 19 .

HE Y X , LIU T , CAO Q , et al . A survey of low-rate denial-of-service attacks [J ] . Journal of Frontiers of Computer Science and Technology , 2008 , 2 ( 1 ): 1 - 19 .

岳猛 , 张才峰 , 吴志军 . 隐马尔科夫模型检测 LDoS 攻击方法的研究 [J ] . 信号处理 , 2015 , 31 ( 11 ): 1454 - 1460 .

YUE M , ZHANG C F , WU Z J . The research of detecting LDoS attacks based on hidden Markov model [J ] . Journal of Signal Processing , 2015 , 31 ( 11 ): 1454 - 1460 .

YU C , KAI H , KWOK Y K . Collaborative defense against periodic shrew DDoS attacks in frequency domain [J ] . ACM Transactions on Information and System Security , 2005 : 2 - 27 .

何炎祥 , 曹强 , 刘陶 , 等 . 一种基于小波特征提取的低速率DoS检测方法 [J ] . 软件学报 , 2009 , 20 ( 4 ): 930 - 941 .

HE Y X , CAO Q , LIU T , et al . A low-rate DoS detection method based on feature extraction using wavelet transform [J ] . Journal of Software , 2009 , 20 ( 4 ): 930 - 941 .

LIU X , ZHANG M , XU G . Construction of distributed LDoS attack based on one-dimensional random walk algorithm [C ] // International Conference on Cloud Computing and Intelligence Systems . 2012 : 685 - 689 .

张静 , 胡华平 , 刘波 , 等 . 基于ASPQ的LDoS攻击检测方法 [J ] . 通信学报 , 2012 , 33 ( 5 ): 79 - 84 .

ZHANG J , HU H P , LIU B , et al . Detecting LDoS attack based on ASPQ [J ] . Journal on Communications , 2012 , 33 ( 5 ): 79 - 84 .

SUN J , ZUKERMAN M . An adaptive neuron AQM for a stable internet [M ] // Ad Hoc and Sensor Networks,Wireless Networks,Next Generation Internet . Springer Berlin Heidelberg , 2007 : 844 - 854 .

KUZMANOVIC A . The power of explicit congestion notification [J ] . ACM Sigcomm Computer Communication Review , 2005 , 35 ( 4 ): 61 - 72 .

SARAT S , TERZIS A . On the effect of router buffer sizes on low-rate denial of service attacks [C ] // International Conference on Computer Communications and Networks . 2005 : 281 - 286 .

MOHAN L , JOHN J K , BIJESH M G . Shrew attack prevention in RED queue with partial flow analysis [J ] . International Journal of Computer Applications , 2013 , 67 ( 8 ): 9 - 15 .

张长旺 , 殷建平 , 蔡志平 , 等 . 抗 DDoS 攻击的主动队列管理算法 [J ] . 软件学报 , 2011 , 22 ( 9 ): 2182 - 2192 .

ZHANG C W , YIN J P , CAI Z P , et al . Active queue management algorithm to counter DDoS attacks [J ] . Journal of Software , 2011 , 22 ( 9 ): 2182 - 2192 .

HAMLET M R , MICHEL K , BÉATRICE P P . TCP and network coding:equilibrium and dynamic properties [J ] . IEEE/ACM Transactions on Networking , 2016 , 24 ( 4 ): 1935 - 1947 .

ZHAO Y , MA Z G , ZHENG X F , et al . An improved algorithm of nonlinear RED based on membership cloud theory [J ] . Chinese Journal of Electronics , 2017 , 26 ( 3 ): 537 - 543 .

GUIRGUIS M. , BESTAVROS A , MATTA I . Exploiting the transients of adaptation for RoQ attacks on Internet re-sources [C ] // IEEE ICNP . 2004 : 184 - 195 .

高海华 , 杨辉华 , 王行愚 , 等 . 基于PCA和KPCA特征抽取的SVM网络入侵检测方法 [J ] . 华东理工大学学报（自然科学版） , 2006 , 32 ( 3 ): 321 - 326 .

GAO H H , YANG H H , WANG X Y , et al . PCA/KPCA feature extraction approach to SVM for anomaly detection [J ] . Journal of East China University of Science and Technology , 2006 , 32 ( 3 ): 321 - 326 .

ZHANG X Y , WU Z J , CHEN J S , et al . An adaptive KPCA approach for detecting LDoS attack [J ] . International Journal of Communication Systems , 2017 , 30 ( 4 ): 1 - 8 .

ZHANG C W , CAI Z , CHEN W , et al . Flow level detection and filtering of low-rate DDoS [J ] . Computer Networks the International Journal of Computer ＆ Telecommunications Networking , 2012 , 56 ( 15 ): 3417 - 3431 .

FENG W C , KANDLUR D D , SAHA D , et al . Stochastic fair blue:a queue management algorithm for enforcing fairness [C ] // The 20th Joint Conference of the IEEE Computer ＆ Communications Societies . 2001 : 1520 - 1529 .

MOHAN L , BIJESH M G , JOHN J K . Survey of low rate denial of service (LDoS) attack on RED and its counter strategies [C ] // IEEE International Conference on Computational Intelligence ＆ Computing Research . 2012 : 1 - 7 .

苏治 , 傅晓媛 . 核主成分遗传算法与 SVR 选股模型改进 [J ] . 统计研究 , 2013 , 30 ( 5 ): 54 - 62 .

SU Z , FU X Y . Kernel principal component genetic algorithm and improved SVR stock selection model [J ] . Statistical Research , 2013 , 30 ( 5 ): 54 - 62 .

LI J , YU L . Using BP neural networks for the simulation of energy consumption [C ] // IEEE International Conference on Systems,Man and Cybernetics . 2014 : 3542 - 3547 .

刘陶 , 何炎祥 , 熊琦 . 一种基于Q学习的LDoS攻击实时防御机制及其CPN实现 [J ] . 计算机研究与发展 , 2011 , 48 ( 3 ): 432 - 439 .

LIU T , HE Y X , XIONG Q . A Q-learning based real-time mitigating mechanism against LDoS attack and its modeling and simulation with CPN [J ] . Journal of Computer Research and Development , 2011 , 48 ( 3 ): 432 - 439 .

WU Z J , ZHANG L Y , YUE M . Low-rate DoS attacks detection based on network multifractal [J ] . IEEE Transactions on Dependable ＆ Secure Computing , 2016 , 13 ( 5 ): 559 - 567 .

赵峰 , 张军英 . 一种 KPCA 的快速算法 [J ] . 控制与决策 , 2007 , 22 ( 9 ): 1044 - 1048 .

ZHAO F , ZHANG J Y . Fast algorithm about KPCA [J ] . Control and Decision , 2007 , 22 ( 9 ): 1044 - 1048 .

浏览量

1082

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

基于阵列的神经网络水声通信信号多参数联合估计算法

基于神经网络的恶意DNS流量检测方法

基于可见光和射频融合的通信定位一体化系统

基于特征依赖图的源代码漏洞检测方法

基于改进CFCC特征提取的语种识别算法研究