Abstract
To address the poor scalability, low detection efficiency, and high false alarm rate of traditional centralized detection models for attack traffic, a random forest distributed detection model was designed for DDoS (distributed denial of service) attack traffic. The model comprises a data acquisition module, a data preprocessing module, a distributed classification detection module, and an alarm response module. The model was compared with the distributed detection method based on the Adaboost algorithm, and its validity was verified by experimental study. The results show that the distributed detection model using an ensemble classifier based on random forest has a higher detection rate, accuracy, and precision, and a lower false alarm rate. The model is also flexible to deploy and suitable for engineering practice.
Authors
Jia Bin (贾斌)
Ma Yan (马严)
Zhao Xiang (赵翔)
Jia Bin; Ma Yan; Zhao Xiang (Institute of Network Technology, Beijing University of Posts and Telecommunications, Beijing 100876, China; School of Computer Science, Beijing University of Posts and Telecommunications, Beijing 100876, China)
Source
Journal of Huazhong University of Science and Technology (Natural Science Edition) (《华中科技大学学报(自然科学版)》)
EI
CAS
CSCD
PKU Core (北大核心)
2016, Issue S1, pp. 1-5, 10 (6 pages in total)
Funding
National Special Program for International Science and Technology Cooperation and Exchange (2013DFE13130)