
Application of the CUSUM Algorithm in Source-End DDoS Detection (cited by: 3)

Detecting DDoS attacks in source-end network with CUSUM algorithm
Abstract: After the characteristics and difficulties of detecting DDoS attacks in the source-end network were analyzed in depth, a nonparametric change-point detection method from statistics was introduced, and the D-WARD system, a representative source-end DDoS detection system, was improved with the nonparametric recursive CUSUM (Cumulative Sum) algorithm. Experiments show that the improved system has a lower false-positive rate and false-negative rate, is more accurate, and can adapt to more complex network environments.
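Authors: Kang Jian (康健), Ju Jiubin (鞠九滨)
Source: Journal of Computer Applications (《计算机应用》), CSCD, Peking University Core Journal, 2006, No. 6, pp. 1343-1345 (3 pages)
Funding: National Natural Science Foundation of China (90204014)
Keywords: distributed denial of service (DDoS); nonparametric CUSUM; D-WARD; source-end detection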

