
Two-phase Clustering Algorithm for DoS/DDoS Data

Cited by: 1
Abstract: This paper proposes an unsupervised two-phase clustering algorithm, TPC (Two-Phase Clustering Algorithm), to identify DoS (denial of service) / DDoS (distributed denial of service) attack traffic data. In the first phase, the algorithm computes the dense regions and the sparse regions from the distance similarity of the samples, then performs an initial agglomeration of the sample set using the notion of density connection. In the second phase, it computes the similarity between clusters from each cluster's internal degree of scatter and the average distance between samples, then recursively agglomerates clusters with similar properties. The algorithm identifies not only clusters of irregular shape but also clusters of different densities, and it overcomes a drawback of density-based clustering algorithms, the need to set appropriate global parameters.
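Authors: 张伟, 王绍棣
Source: Journal of Chinese Computer Systems (《小型微型计算机系统》), CSCD, Peking University Core Journal (北大核心), 2008, No. 2, pp. 297-303 (7 pages)
Funding: Supported by the National High Technology Research and Development Program of China ("863" Program), grant 2005AA775050
Keywords: density-based clustering; similarity; DoS/DDoS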
