
DoS Traffic Identification Technology Based on Integrated Learning (cited by: 6)
Abstract: A denial of service (DoS) attack is a common network attack method that has long been difficult to detect and prevent. By consuming the bandwidth or computing resources of the target, it interrupts or stops the target computer's network service, so that normal users cannot access it. With the rapid development of machine learning algorithms, decision trees, support vector machines, random forests, AdaBoost and similar algorithms are gradually being used to identify and detect DoS attack network traffic. For most machine learning algorithms, the choice of network traffic features directly determines the performance of the algorithm. This paper extracts and selects network traffic features using the traffic feature extraction tool CICFlowMeter and the random forest algorithm, and designs an algorithm training model to detect DoS attack traffic. The model achieves good accuracy and recall, which verifies the validity of the detection method.
Authors: MA Zewen; LIU Yang; XU Hongping; YI Hang (Beijing Institute of Astronautical System Engineering, Beijing 100076, China)
Source: Netinfo Security (《信息网络安全》), CSCD, Peking University Core Journal, 2019, Issue 9, pp. 115-119 (5 pages)
Keywords: DoS attack; machine learning; random forest; feature selection; ensemble learning