期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

一种基于Haar小波变换的低速率拒绝服务攻击检测方法

A Low-Rate Denial-of-Service Attack Detection Method Based on Haar Wavelet Analysis
下载PDF
导出
摘要 依据LDoS攻击周期性脉冲突发的特点,提出一种基于Haar小波特征提取的低速率拒绝服务攻击检测方法.该方法采用信号处理技术来分析网络流量提取特征指标,通过小波多尺度分析对网络流量综合诊断,较好地缓解了合法用户背景流量对攻击特征提取的干扰.NS-2仿真实验结果表明,该方法检测率高,消耗计算资源少,具有良好的理论研究和实用价值. The traditional statistical testing based methods have the shortcomings of low efficiency and high false positives. To solve this problem, according to the characteristic of periodicity and short burst in LDoS flows, a detection method against LDoS attacks has been designed and implemented based on feature extraction using wavelet transform. The proposed method extracts five feature indices of LDoS flows through wavelet multi--scale analysis of network traffic. Experiment results show that the method, capable of detecting the LDoS attack, achieves high detection rate with low computation cost, and hence has good practical value.
作者 蔡晓丽 陈舜青 宁慧
机构地区 常州工学院计算机信息工程学院 哈尔滨工程大学计算机科学与技术学院
出处 《微电子学与计算机》 CSCD 北大核心 2011年第11期102-105,共4页 Microelectronics & Computer
基金 国家自然科学基金项目(60975071) 国家"八六三"计划项目(2009AA04Z215) 常州工学院教学科研基金项目(J080513 J080102)
关键词 低速率拒绝服务攻击 流量特征 异常检测 low--rate denial--of--service attacks (LDoS) traffic character abnormal detection
分类号 TP393 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献5

  • 1Kuzmanovic A, Knightly EW. Low--Rate TCP--targe- ted denial of service attacks--the shrew vs. the mice and elephants[C]// Proc. Of the ACM SIGCOMM 2003. New York: ACM Press, 2003: 75-86.
  • 2李刚,华蓓,杨兴良.自适应分布式拒绝服务攻击的防御机制研究[J].计算机仿真,2006,23(11):145-148. 被引量:3
  • 3Sun H, Lui J C S, Yau D KY. Defending against low-- rate TCP attacks: dynamic detection and protection[C] // Proc. of the 12th IEEE Int'l Conf. on Network Pro- tocols (ICNP 2004). New York: IEEE Press, 2004:196 --205.
  • 4Chen Y, Hwang K. Collaborative detection and filtering of shrew DDoS attacks using spectral analysisrJ]. Jour- nal of Parallel and Distributed Computing, 2006,66(9): 1137-1151.
  • 5Shensa M J. The discrete wavelet transform: wedding the ci trous and mallat algorithms [J]. IEEE Transac- tions on Signal Processing, 1992,40(10):2464-2482.

二级参考文献7

  • 1Thomer M Gil,etc.A Data-structure for Bandwidth Attack Detection[C].In Proc.of the 10 th USENIX Security Symposium,August 2001.
  • 2L Feinstein,et al.,Statistical Approaches to DDoS Attack Detection and Response[C].In Proc.of the DARPA Information Survivability Conference and Exposition,22-24 April 2003,1:303-314.
  • 3Steven J Templeton,etc.Detecting Spoofed Padkets[C].Proceedings of the DARPA Information Survivability Coference and Exposition (DISCEX'03),2003.164-175.
  • 4Jonathan Lemon.Resisting SYN flood DoS attacks with a SYN cache[C].USNIX BSDCon2002,WEDNESDAY,FEBRUARY 13,2002.98-98.
  • 5P Ferguson and D Senie.Network Ingress Filtering:Defeating Denial of Service Attacks which employ IP Source Address Spoofing[R].RFC2267,May 1998.
  • 6Dawn X.iaodong Song,etc.Advanced and Authenticated Marking Schemes for IP Tra-ceback[C].In:Twentieth Annual Joint Conference of the IEEE Computer and Communicat-ions Societies.Proceedings.IEEE Volume2,ww-26 April 2001.878-886.
  • 7K Park and H Lee.on the effctiveness of probabilistic packet marking for IP traceback under denial of service attack[C].In:proceedings of IEEE INFOCOM'01,2001.338-347.

共引文献2

微电子学与计算机
2011年 第11期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部