摘要
低速率拒绝服务(LDoS,low-rate denial of service)攻击是一种新的面向TCP协议的攻击方式,它具有攻击速率低、隐蔽性强的特点,很难被传统DoS攻击检测措施发现。针对其特点,采用网络大数据分析技术,从路由器队列中挖掘一种LDoS攻击特征,将核主成分分析(KPCA,kernel principal component analysis)方法与神经网络结合,提出一种新的检测LDoS攻击的方法。该方法将路由器队列特征采用KPCA降维,作为神经网络输入,再利用BP神经网络自学习能力生成LDoS分类器,达到检测LDoS攻击的目的。实验结果表明该方法有较好的检测有效性和较低的计算复杂度,对设计防御LDoS攻击的路由器有一些借鉴意义。
Low-rate denial-of-service(LDoS) attack is a new type of attack mode for TCP protocol. Characteristics of low average rate and strong concealment make it difficult for detection by traditional Do S detecting methods. According to characteristics of LDoS attacks, a new LDoS queue future was proposed from the router queue, the kernel principal component analysis(KPCA) method was combined with neural network, and a new method was present to detect LDoS attacks. The method reduced the dimensionality of queue feature via KPCA algorithm and made the reduced dimension data as the inputs of neural network. For the good sell-learning ability, BP neural network could generate a great LDoS attack classifier and this classifier was used to detect the attack. Experiment results show that the proposed approach has the characteristics of effectiveness and low algorithm complexity, which helps the design of high performance router.
作者
吴志军
刘亮
岳猛
WU Zhijun;LIU Liang;YUE Meng(School of Electronics Information & Automation, Civil Aviation University of China,Tianjin 300300, Chin)
出处
《通信学报》
EI
CSCD
北大核心
2018年第5期11-22,共12页
Journal on Communications
基金
国家自然基金委员会与中国民航局联合基金资助项目(No.U1533107)
天津市自然科学基金资助项目(No.17JCZDJC30900)~~
关键词
低速率拒绝服务攻击
队列特征
核的主成分分析
神经网络
low-rate denial of service
queue feature
kernel principal component analysis
neural network