摘要
在针对SDN架构的网络攻击中,分布式拒绝服务(DDOS)攻击是目前实施最简单,组织化最普遍,危害性最大的网络攻击之一,针对现有抵御方式中存在的特征选取僵化,无法识别零日攻击且检测精度不高等问题。提出基于熵率度量(ERM)和卷积神经网络(CNN)的混合检测方法,该方法以熵率计算和细粒度深度学习算法构建检测机制,以求检测多类型及多体量攻击。实验证明,所提出的方法能够满足实际应用中对于零日攻击的检测要求且针对正常用户流量激增事件具有良好的反应机制。
In the network attack against SDN architecture,distributed denial of service(DDoS)attack is one of the network attacks with the simplest implementation,the most common organization and the greatest harm.Aiming at the problems existing in the existing defense methods,such as rigid feature selection,unable to identify Zero Day attack and low detection accuracy,a method based on entropy rate measurement(ERM)and convolutional neural network(CNN)is proposed,which constructs a detection mechanism based on entropy rate calculation and fine-grained deep learning algorithm in order to detect multi type and multi volume attacks.Experiments show that the proposed method can meet the detection requirements of zero day attacks in practical applications,and has a good response mechanism for common user traffic surge events.
作者
肖军弼
张刚
XIAO Junbi;ZHANG Gang(School of Computer Science and Technology,China University of Petroleum(East China),Qingdao 266000)
出处
《计算机与数字工程》
2023年第10期2339-2345,2412,共8页
Computer & Digital Engineering
基金
教育部产学合作协同育人项目(编号:202002182024)资助。
