Abstract
Distributed Denial-of-Service (DDoS) attacks are one of the main threats to network security today. This paper analyses the essential characteristics of DDoS attacks and presents a detection scheme that combines traffic volume with the entropy of flow feature distributions. We also adapt the k-means clustering algorithm to the needs of the problem and use it to build the attack detection model. Finally, we test the detection model on the LLDOS1.0 dataset. The experimental results indicate that the model achieves good detection accuracy, which validates the effectiveness of the detection scheme.
Source
Computer Engineering & Science (《计算机工程与科学》)
CSCD
2008, Issue 12, pp. 23-26 (4 pages)
Funding
National Natural Science Foundation of China (60603062)
Natural Science Foundation of Hunan Province (06JJ3035)