
Application-layer DDoS Attack Detection Based on Request Keywords (cited by: 2)
Abstract: Today, application-layer DDoS attacks may cause great harm to the security of the Internet. Existing detection methods lack versatility, i.e., each approach focuses on only one particular application-layer DDoS attack and cannot identify other DDoS attacks at the application layer. In order to quickly and effectively identify several different application-layer DDoS attacks, this paper presents a detection method based on request keywords. In this method, the input is the number and frequency distribution distance of request keywords per unit time, and a hidden Markov model is used to detect application-layer DDoS attacks. The experimental results show that the proposed method can discover several different application-layer DDoS attacks with a relatively high detection ratio and a low false positive ratio.
Source: Computer Science (《计算机科学》), CSCD, Peking University Core Journal, 2013, No. 7, pp. 121-125 (5 pages)
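Funding: Supported by the National Natural Science Foundation of China (61202271, 61070154), the Natural Science Foundation of Guangdong Province (S2012040007184), the Ministry of Education Humanities and Social Sciences Research Youth Fund (12YJCZH281), and the Guangzhou Philosophy and Social Sciences Planning Project (2012GJ31).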
Keywords: DDoS attack, request keyword, hidden Markov model, application layer