摘要
针对无线传感网络攻击流量阻断存在攻击流量检测准确率较低、阻断效果较差的问题,构建了一种基于随机森林算法的无线传感网络攻击流量阻断模型。基于字符(单词)的词频矩阵,利用TF-IDF算法将有效载荷的特征自动提取出来;根据特征结果使用随机森林算法通过词频矩阵对网络流量实行分类,基于分类结果对网络中的流量攻击实现溯源,完成异常无线传感网络检测;利用流表的报文过滤实现无线传感攻击流量的阻断。实验结果表明,该模型在检测攻击流量时,准确率最高可达100%,调和平均数最高为99.18%,错误率最高仅为7.3%,假阳性率最高仅为5.5%,同时能够有效阻断网络攻击流量,在较短时间内将网络恢复至正常,具有良好的攻击流量检测效果和攻击流量阻断效果。
Aiming at the problems of low detection accuracy and poor blocking effect of attack traffic in wireless sensor networks,a wireless sensor network attack traffic blocking model based on random forest algorithm is constructed.Through TF-IDF algorithm,the feature of payload is automatically extracted based on the word frequency matrix of characters(words).According to the characteristic results,the random forest algorithm is used to classify the network traffic through the word frequency matrix,and the traffic attack in the network can be traced based on the classification results to complete the detection of abnormal wireless sensor networks.The packet filtering of the flow table is used to block the traffic of wireless sensor attack.Experiments show that,when detecting attack traffic,the detection accuracy of the model can reach 100%,the highest harmonic mean is 99.18%,and the highest error rate is only 7.3%,and the false positive rate is only 5.5%.At the same time,it can effectively block the network attack traffic and restore the network to normal in a short time.It has good attack traffic detection effect and attack traffic blocking effect.
作者
徐礼金
贺艳芳
XU Li-jin;HE Yan-fang(School of Information Technology,Guangdong Polytechnic College,Zhaoqing 526000;Minsheng College,Henan University,Kaifeng 475000,China)
出处
《计算机工程与科学》
CSCD
北大核心
2022年第5期819-825,共7页
Computer Engineering & Science
基金
2019年广东省普通高校特色创新类项目(2019KTSCX249)。
关键词
随机森林算法
无线传感网络
攻击流量
阻断模型
random forest algorithm
wireless sensor network
attack flow
blocking model
