摘要
针对一种新型的DDoS攻击—链路泛洪攻击(link-flooding attack,LFA)难以检测的问题,提出了SDN中基于MS-KNN(mean shift-K nearest neighbor)方法的LFA检测方法。首先通过搭建SDN实验平台,模拟LFA并构建LFA数据集;然后利用改进的加权欧氏距离均值漂移(mean shift,MS)算法对LFA数据集进行分类;最后利用K近邻(K nearest neighbor,KNN)算法判断分类结果中是否具有LFA数据。实验结果表明,相较于KNN算法,利用MS-KNN不仅得到了更高的准确率,同时也得到了更低的假阳性率。
To address the problem that a new type of DDoS attack,LFA is difficult to detect,this paper proposed an LFA detection method based on MS-KNN method in SDN.Firstly,this paper simulated LFA and constructed LFA dataset by building an SDN experiment platform.Secondly,it used an improved weighted Euclidean distance MS algorithm to classify the LFA dataset.Finally,it used the KNN algorithm to determine whether LFA data were included in the classification results.The experimental results show that MS-KNN not only obtains a higher accuracy rate,but also has a lower false positive rate compared with the KNN algorithm.
作者
孙文悦
王昌达
Sun Wenyue;Wang Changda(School of Computer Science&Communication Engineering,Jiangsu University,Zhenjiang Jiangsu 212013,China)
出处
《计算机应用研究》
CSCD
北大核心
2022年第9期2832-2836,共5页
Application Research of Computers
基金
国家自然科学基金资助项目(62072217,61672269)。
关键词
链路泛洪攻击
SDN
均值漂移算法
K近邻算法
MS-KNN
link-flooding attack(LFA)
SDN
mean shift(MS)
K nearest neighbor(KNN)
mean shift-K nearest neighbor(MS-KNN)