DDoS attack detection based on non-parameter PCUSUM algorithm

Cited by: 3
Abstract: During a DDoS attack, the ratio of unacknowledged segments observed at the victim end changes sharply. Based on this characteristic, the paper proposes a DDoS attack detection method that aims to shorten detection time while preserving alarm correctness. TCP network flows are monitored at the victim end: in each time interval the ratio of unacknowledged segments to total segments is computed, and in the next time interval the sequence value of the previous interval is revised to obtain a more accurate detection sequence value. The non-parametric recursive PCUSUM algorithm is then applied to detect DDoS attacks. Experimental results show that, compared with the CUSUM algorithm, the method has higher detection accuracy and faster detection speed.

Source: Computer Engineering and Applications (《计算机工程与应用》), indexed in CSCD and the Peking University Core Journals list, 2011, Issue 22, pp. 96-98 (3 pages)

Funding: Guangdong Province Higher Education Talent Introduction Special Fund Project No.2010-343

Keywords: DDoS attack; PCUSUM algorithm; detection in victim end; unacknowledged packets