
DDoS Attacks Detecting Algorithm Based on Continuous Wavelet Transforms with Reliability Evaluation (cited by: 2)
Abstract: Traditional methods struggle to detect distributed denial-of-service (DDoS) attacks effectively and in real time. To address this, a DDoS attack detection algorithm based on continuous wavelet transforms with reliability evaluation is proposed. The algorithm first applies an uninterrupted continuous wavelet transform to analyze the traffic signal synchronously, detecting DDoS attacks in real time by finding flat-burst signals (short-flat-bursts or long-flat-bursts), which always represent DDoS attacks. An alert reliability evaluation algorithm then post-processes the detection results of the continuous wavelet transform to eliminate the influence of single-point bursts and network traffic noise. Experimental comparison with the discrete wavelet transform method, the N-point-average method and the gradient method shows that the proposed algorithm detects flat-burst signals in traffic data more effectively.

Source: Journal of Xi'an Jiaotong University (《西安交通大学学报》), indexed in EI, CAS, CSCD and the Peking University Core Journals list; 2008, No. 8, pp. 936-939 (4 pages)

Funding: National Natural Science Foundation of China (60403028)

Keywords: distributed denial of service; flat-burst signal; continuous wavelet transform; reliability evaluation