摘要
DoS攻击即拒绝服务攻击是一种常见且长期以来难以检测和预防的网络攻击方法,通过消耗被攻击者的带宽或计算资源造成目标计算机网络服务中断或停止,导致正常用户无法访问。随着机器学习算法的快速发展,决策树、支持向量机、随机森林、adaboost等算法逐渐被用于Do S攻击网络流量的识别与检测。对于大多数机器学习算法来说,网络流量特征的选择直接决定算法性能的优劣。文章使用网络流量特征提取工具CICFlow Meter和随机森林算法对网络流量特征进行提取和选择,设计算法训练模型对Do S攻击流量进行检测,取得了较好的精度及召回率,验证了文章检测方法的有效性。
Denial of service attack is a common cyber attack method that is difficult to detect and prevent for a long term.By consuming the bandwidth or computing resources of the target computer,the target computer network service is interrupted or stopped,which results in the normal users can not access it.With the rapid development of machine learning algorithms,decision tree,support vector machine,random forest and adaboost are gradually used to identify and detect DoS attacks network traffic.For most machine learning algorithms,the choice of network traffic characteristics directly determines the performance of the algorithm.This paper extracts and selects network traffic characteristics by using CICFlowMeter and random forest algorithm,and designs algorithm training model to detect DoS attack traffic,which achieves better accuracy and recall rate,and verifies the validity of the detection method.
作者
马泽文
刘洋
徐洪平
易航
MA Zewen;LIU Yang;XU Hongping;YI Hang(Beijing Institute of Astronautical System Engineering,Beijing 100076,CZima)
出处
《信息网络安全》
CSCD
北大核心
2019年第9期115-119,共5页
Netinfo Security
关键词
DOS攻击
机器学习
随机森林
特征选择
集成学习
DoS attack
machine learning
random forest
feature selection
ensemble learning