期刊文献+
共找到545篇文章
< 1 2 28 >
每页显示 20 50 100
Optimization of Stealthwatch Network Security System for the Detection and Mitigation of Distributed Denial of Service (DDoS) Attack: Application to Smart Grid System
1
作者 Emmanuel S. Kolawole Penrose S. Cofie +4 位作者 John H. Fuller Cajetan M. Akujuobi Emmanuel A. Dada Justin F. Foreman Pamela H. Obiomon 《Communications and Network》 2024年第3期108-134,共27页
The Smart Grid is an enhancement of the traditional grid system and employs new technologies and sophisticated communication techniques for electrical power transmission and distribution. The Smart Grid’s communicati... The Smart Grid is an enhancement of the traditional grid system and employs new technologies and sophisticated communication techniques for electrical power transmission and distribution. The Smart Grid’s communication network shares information about status of its several integrated IEDs (Intelligent Electronic Devices). However, the IEDs connected throughout the Smart Grid, open opportunities for attackers to interfere with the communications and utilities resources or take clients’ private data. This development has introduced new cyber-security challenges for the Smart Grid and is a very concerning issue because of emerging cyber-threats and security incidents that have occurred recently all over the world. The purpose of this research is to detect and mitigate Distributed Denial of Service [DDoS] with application to the Electrical Smart Grid System by deploying an optimized Stealthwatch Secure Network analytics tool. In this paper, the DDoS attack in the Smart Grid communication networks was modeled using Stealthwatch tool. The simulated network consisted of Secure Network Analytic tools virtual machines (VMs), electrical Grid network communication topology, attackers and Target VMs. Finally, the experiments and simulations were performed, and the research results showed that Stealthwatch analytic tool is very effective in detecting and mitigating DDoS attacks in the Smart Grid System without causing any blackout or shutdown of any internal systems as compared to other tools such as GNS3, NeSSi2, NISST Framework, OMNeT++, INET Framework, ReaSE, NS2, NS3, M5 Simulator, OPNET, PLC & TIA Portal management Software which do not have the capability to do so. Also, using Stealthwatch tool to create a security baseline for Smart Grid environment, contributes to risk mitigation and sound security hygiene. 展开更多
关键词 Smart Grid System Distributed denial of service (Ddos) attack Intrusion Detection and Prevention Systems DETECTION Mitigation and Stealthwatch
下载PDF
Central Aggregator Intrusion Detection System for Denial of Service Attacks
2
作者 Sajjad Ahmad Imran Raza +3 位作者 MHasan Jamal Sirojiddin Djuraev Soojung Hur Imran Ashraf 《Computers, Materials & Continua》 SCIE EI 2023年第2期2363-2377,共15页
Vehicle-to-grid technology is an emerging field that allows unused power from Electric Vehicles(EVs)to be used by the smart grid through the central aggregator.Since the central aggregator is connected to the smart gr... Vehicle-to-grid technology is an emerging field that allows unused power from Electric Vehicles(EVs)to be used by the smart grid through the central aggregator.Since the central aggregator is connected to the smart grid through a wireless network,it is prone to cyber-attacks that can be detected and mitigated using an intrusion detection system.However,existing intrusion detection systems cannot be used in the vehicle-to-grid network because of the special requirements and characteristics of the vehicle-to-grid network.In this paper,the effect of denial-of-service attacks of malicious electric vehicles on the central aggregator of the vehicle-to-grid network is investigated and an intrusion detection system for the vehicle-to-grid network is proposed.The proposed system,central aggregator–intrusion detection system(CA-IDS),works as a security gateway for EVs to analyze andmonitor incoming traffic for possible DoS attacks.EVs are registered with a Central Aggregator(CAG)to exchange authenticated messages,and malicious EVs are added to a blacklist for violating a set of predefined policies to limit their interaction with the CAG.A denial of service(DoS)attack is simulated at CAG in a vehicle-to-grid(V2G)network manipulating various network parameters such as transmission overhead,receiving capacity of destination,average packet size,and channel availability.The proposed system is compared with existing intrusion detection systems using different parameters such as throughput,jitter,and accuracy.The analysis shows that the proposed system has a higher throughput,lower jitter,and higher accuracy as compared to the existing schemes. 展开更多
关键词 denial of service attack vehicle to grid network network security network throughput
下载PDF
The History, Trend, Types, and Mitigation of Distributed Denial of Service Attacks
3
作者 Richard Kabanda Bertrand Byera +1 位作者 Henrietta Emeka Khaja Taiyab Mohiuddin 《Journal of Information Security》 2023年第4期464-471,共8页
Over time, the world has transformed digitally and there is total dependence on the internet. Many more gadgets are continuously interconnected in the internet ecosystem. This fact has made the Internet a global infor... Over time, the world has transformed digitally and there is total dependence on the internet. Many more gadgets are continuously interconnected in the internet ecosystem. This fact has made the Internet a global information source for every being. Despite all this, attacker knowledge by cybercriminals has advanced and resulted in different attack methodologies on the internet and its data stores. This paper will discuss the origin and significance of Denial of Service (DoS) and Distributed Denial of Service (DDoS). These kinds of attacks remain the most effective methods used by the bad guys to cause substantial damage in terms of operational, reputational, and financial damage to organizations globally. These kinds of attacks have hindered network performance and availability. The victim’s network is flooded with massive illegal traffic hence, denying genuine traffic from passing through for authorized users. The paper will explore detection mechanisms, and mitigation techniques for this network threat. 展开更多
关键词 Ddos (Distributed denial of service attacks) and dos (denial of service attacks) DAC (Ddos attack Coefficient) Flood SIEM (Security Information and Event Management) CISA (Cybersecurity and Infrastructure Security Agency) NIST (National Institute of Standards and Technology) XDR (Extended Detection and Response) ACK-SYN (Synchronize Acknowledge Packet) ICMP (Internet Control Message Protocol) Cyberwarfare
下载PDF
A Novel Framework for DDoS Attacks Detection Using Hybrid LSTM Techniques 被引量:2
4
作者 Anitha Thangasamy Bose Sundan Logeswari Govindaraj 《Computer Systems Science & Engineering》 SCIE EI 2023年第6期2553-2567,共15页
The recent development of cloud computing offers various services on demand for organization and individual users,such as storage,shared computing space,networking,etc.Although Cloud Computing provides various advanta... The recent development of cloud computing offers various services on demand for organization and individual users,such as storage,shared computing space,networking,etc.Although Cloud Computing provides various advantages for users,it remains vulnerable to many types of attacks that attract cyber criminals.Distributed Denial of Service(DDoS)is the most common type of attack on cloud computing.Consequently,Cloud computing professionals and security experts have focused on the growth of preventive processes towards DDoS attacks.Since DDoS attacks have become increasingly widespread,it becomes difficult for some DDoS attack methods based on individual network flow features to distinguish various types of DDoS attacks.Further,the monitoring pattern of traffic changes and accurate detection of DDoS attacks are most important and urgent.In this research work,DDoS attack detection methods based on deep belief network feature extraction and Hybrid Long Short-Term Memory(LSTM)model have been proposed with NSL-KDD dataset.In Hybrid LSTM method,the Particle Swarm Optimization(PSO)technique,which is combined to optimize the weights of the LSTM neural network,reduces the prediction error.This deep belief network method is used to extract the features of IP packets,and it identifies DDoS attacks based on PSO-LSTM model.Moreover,it accurately predicts normal network traffic and detects anomalies resulting from DDoS attacks.The proposed PSO-LSTM architecture outperforms the classification techniques including standard Support Vector Machine(SVM)and LSTM in terms of attack detection performance along with the results of the measurement of accuracy,recall,f-measure,precision. 展开更多
关键词 Cloud computing distributed denial of service particle swarm optimization long short-term memory attack detection
下载PDF
Detecting and Mitigating DDOS Attacks in SDNs Using Deep Neural Network
5
作者 Gul Nawaz Muhammad Junaid +5 位作者 Adnan Akhunzada Abdullah Gani Shamyla Nawazish Asim Yaqub Adeel Ahmed Huma Ajab 《Computers, Materials & Continua》 SCIE EI 2023年第11期2157-2178,共22页
Distributed denial of service(DDoS)attack is the most common attack that obstructs a network and makes it unavailable for a legitimate user.We proposed a deep neural network(DNN)model for the detection of DDoS attacks... Distributed denial of service(DDoS)attack is the most common attack that obstructs a network and makes it unavailable for a legitimate user.We proposed a deep neural network(DNN)model for the detection of DDoS attacks in the Software-Defined Networking(SDN)paradigm.SDN centralizes the control plane and separates it from the data plane.It simplifies a network and eliminates vendor specification of a device.Because of this open nature and centralized control,SDN can easily become a victim of DDoS attacks.We proposed a supervised Developed Deep Neural Network(DDNN)model that can classify the DDoS attack traffic and legitimate traffic.Our Developed Deep Neural Network(DDNN)model takes a large number of feature values as compared to previously proposed Machine Learning(ML)models.The proposed DNN model scans the data to find the correlated features and delivers high-quality results.The model enhances the security of SDN and has better accuracy as compared to previously proposed models.We choose the latest state-of-the-art dataset which consists of many novel attacks and overcomes all the shortcomings and limitations of the existing datasets.Our model results in a high accuracy rate of 99.76%with a low false-positive rate and 0.065%low loss rate.The accuracy increases to 99.80%as we increase the number of epochs to 100 rounds.Our proposed model classifies anomalous and normal traffic more accurately as compared to the previously proposed models.It can handle a huge amount of structured and unstructured data and can easily solve complex problems. 展开更多
关键词 Distributed denial of service(Ddos)attacks software-defined networking(SDN) classification deep neural network(DNN)
下载PDF
基于CNN-BiLSTM的ICMPv6 DDoS攻击检测方法
6
作者 郭峰 王春兰 +2 位作者 刘晋州 王明华 韩宝安 《火力与指挥控制》 CSCD 北大核心 2024年第9期122-129,共8页
针对ICMPv6网络中DDoS攻击检测问题,提出一种基于CNN-BiLSTM网络的检测算法。通过将带有注意力机制、DropConnect和Dropout混合使用加入到CNN-BiLSTM算法中,防止在训练过程中产生的过拟合问题,同时更准确地提取数据的特性数据。通过实... 针对ICMPv6网络中DDoS攻击检测问题,提出一种基于CNN-BiLSTM网络的检测算法。通过将带有注意力机制、DropConnect和Dropout混合使用加入到CNN-BiLSTM算法中,防止在训练过程中产生的过拟合问题,同时更准确地提取数据的特性数据。通过实验表明:提出的算法在多次实验中的检测准确率、误报率与漏报率平均值分别为92.84%、4.49%和10.54%,检测算法泛化性较强,性能由于其他算法,能够有效处理ICMPv6 DDoS攻击检测问题。 展开更多
关键词 分布式拒绝服务攻击 攻击检测 ICMPV6 CNN BiLSTM
下载PDF
Denial of Service Due to Direct and Indirect ARP Storm Attacks in LAN Environment 被引量:2
7
作者 Sanjeev Kumar Orifiel Gomez 《Journal of Information Security》 2010年第2期88-94,共7页
ARP-based Distributed Denial of Service (DDoS) attacks due to ARP-storms can happen in local area networks where many computer systems are infected by worms such as Code Red or by DDoS agents. In ARP attack, the DDoS ... ARP-based Distributed Denial of Service (DDoS) attacks due to ARP-storms can happen in local area networks where many computer systems are infected by worms such as Code Red or by DDoS agents. In ARP attack, the DDoS agents constantly send a barrage of ARP requests to the gateway, or to a victim computer within the same sub-network, and tie up the resource of attacked gateway or host. In this paper, we set to measure the impact of ARP-attack on resource exhaustion of computers in a local area network. Based on attack experiments, we measure the exhaustion of processing and memory resources of a victim computer and also other computers, which are located on the same network as the victim computer. Interestingly enough, it is observed that an ARP-attack not only exhausts resource of the victim computer but also significantly exhausts processing resource of other non-victim computers, which happen to be located on the same local area network as the victim computer. 展开更多
关键词 ARP attack COMPUTER Network Security COMPUTER Systems DIRECT attack Distributed denial of service attacks (Ddos) Indirect attack Local Area Networks
下载PDF
面向边缘计算的TCA1C DDoS检测模型 被引量:2
8
作者 申秀雨 姬伟峰 +1 位作者 李映岐 吴玄 《计算机工程》 CSCD 北大核心 2024年第1期198-205,共8页
边缘计算弥补了传统云计算数据传输开销大的不足,但边缘网络中存储和计算资源受限的特殊性限制了其部署复杂安全算法的能力,更易受到分布式拒绝服务(DDoS)攻击。针对目前边缘网络中DDoS攻击检测方法性能不高、未对卸载任务分类处理、对... 边缘计算弥补了传统云计算数据传输开销大的不足,但边缘网络中存储和计算资源受限的特殊性限制了其部署复杂安全算法的能力,更易受到分布式拒绝服务(DDoS)攻击。针对目前边缘网络中DDoS攻击检测方法性能不高、未对卸载任务分类处理、对多属性的流量处理能力弱的问题,提出一种基于任务分类的Attention-1D-CNN DDoS检测模型TCA1C,对通信链路中的流量按不同的卸载任务进行分类,使单个任务受到攻击时不会影响整个链路中计算任务卸载的安全性,再对同一任务下的流量提取属性值并进行归一化处理。处理后的数据输入到Attention-1D-CNN,通道Attention和空间Attention学习数据特征对DDoS检测的贡献度,利用筛选函数剔除低于特征阈值的冗余信息,降低模型学习过程的复杂度,使模型快速收敛。仿真结果表明:TCA1C模型在缩短DDoS检测所用时间的情况下,检测准确率高达99.73%,检测性能优于DT、ELM、LSTM和CNN;当多个卸载任务在面临特定攻击概率时,卸载任务分类能有效降低不同任务的相互影响,使终端设备的计算任务在卸载过程中保持较高的安全性。 展开更多
关键词 边缘计算 分布式拒绝服务攻击检测 任务分类 注意力机制 1D-CNN模块
下载PDF
Experimental Evaluation of Cisco ASA-5510 Intrusion Prevention System against Denial of Service Attacks
9
作者 Sanjeev Kumar Raja Sekhar Reddy Gade 《Journal of Information Security》 2012年第2期122-137,共16页
Cyber attacks are continuing to hamper working of Internet services despite increase in the use of network security systems such as, firewalls and Intrusion protection systems (IPS). Recent Denial of Service (DoS) att... Cyber attacks are continuing to hamper working of Internet services despite increase in the use of network security systems such as, firewalls and Intrusion protection systems (IPS). Recent Denial of Service (DoS) attack on Independence Day weekend, on July 4th, 2009 launched to debilitate the US and South Korean governments’ websites is indicative of the fact that the security systems may not have been adequately deployed to counteract such attacks. IPS is a vital security device which is commonly used as a front line defense mechanism to defend against such DoS attacks. Before deploying a firewall or an IPS device for network protection, in many deployments, the performance of firewalls is seldom evaluated for their effectiveness. Many times, these IPS’s can become bottleneck to the network performance and they may not be effective in stopping DoS attacks. In this paper, we intend to drive the point that deploying IPS may not always be effective in stopping harmful effects of DoS attacks. It is important to evaluate the capability of IPS before they are deployed to protect a network or a server against DoS attacks. In this paper, we evaluate performance of a commercial grade IPS Cisco ASA-5510 IPS to measure its effectiveness in stopping a DoS attacks namely TCP-SYN, UDP Flood, Ping Flood and ICMP Land Attacks. This IPS comes with features to counteract and provide security against these attacks. Performance of the IPS is measured under these attacks protection and compared with its performance when these protection features were not available (i.e. disabled). It was found that the IPS was unable to provide satisfactory protection despite the availability of the protection features against these flooding attacks. It is important for the network managers to measure the actual capabilities of an IPS system before its deployment to protect critical information infrastructure. 展开更多
关键词 denial of service (dos) SYN FLOOD attack PROXY Protection FIREWALL Security AVAILABILITY
下载PDF
Modeling and Simulation of Low Rate of Denial of Service Attacks
10
《International English Education Research》 2014年第1期31-34,共4页
The low-rate denial of service attack is more applicable to the network in recent years as a means of attack, which is different from the traditional field type DoS attacks at the network end system or network using a... The low-rate denial of service attack is more applicable to the network in recent years as a means of attack, which is different from the traditional field type DoS attacks at the network end system or network using adaptive mechanisms exist loopholes flow through the low-rate periodic attacks on the implementation of high-efficiency attacked by an intruder and not be found, resulting in loss of user data or a computer deadlock. LDos attack since there has been extensive attention of researchers, the attack signature analysis and detection methods to prevent network security have become an important research topic. Some have been proposed for the current attacks were classified LDoS describe and model, and then in NS-2 platform for experimental verification, and then LDoS attack detection to prevent difficulties are discussed and summarized for the future such attacks detection method research work to provide a reference. 展开更多
关键词 Low-Rate denial of service attacks Congestion Control attack Prevention Network Security
下载PDF
融合稀疏注意力机制在DDoS攻击检测中的应用
11
作者 王博 万良 +2 位作者 叶金贤 刘明盛 孙菡迪 《计算机工程与设计》 北大核心 2024年第5期1312-1320,共9页
针对现有的DDoS(distributed denial of service)攻击检测模型面临大量数据时,呈现出检测效率低的问题。为适应当前网络环境,通过研究DDoS攻击检测模型、提取流量特征、计算攻击密度,提出一种基于融合稀疏注意力机制的DDoS攻击检测模型G... 针对现有的DDoS(distributed denial of service)攻击检测模型面临大量数据时,呈现出检测效率低的问题。为适应当前网络环境,通过研究DDoS攻击检测模型、提取流量特征、计算攻击密度,提出一种基于融合稀疏注意力机制的DDoS攻击检测模型GVBNet(global variable block net),使用攻击密度自适应计算稀疏注意力。利用信息熵以及信息增益分析提取攻击流量的连续字节作为特征向量,通过构建基于GVBNet的网络模型在两种数据集上进行训练。实验结果表明,该方法具有良好的识别效果、检测速度以及抗干扰能力,在不同的环境下具有应用价值。 展开更多
关键词 分布式拒绝服务攻击 稀疏注意力机制 攻击密度 信息熵 信息增益 模型优化 攻击检测
下载PDF
Mitigating while Accessing:A Lightweight Defense Framework Against Link Flooding Attacks in SDN
12
作者 Sun Hancun Chen Xu +1 位作者 Luo Yantian Ge Ning 《China Communications》 SCIE CSCD 2024年第11期15-27,共13页
Link flooding attack(LFA)is a type of covert distributed denial of service(DDoS)attack.The attack mechanism of LFAs is to flood critical links within the network to cut off the target area from the Internet.Recently,t... Link flooding attack(LFA)is a type of covert distributed denial of service(DDoS)attack.The attack mechanism of LFAs is to flood critical links within the network to cut off the target area from the Internet.Recently,the proliferation of Internet of Things(IoT)has increased the quantity of vulnerable devices connected to the network and has intensified the threat of LFAs.In LFAs,attackers typically utilize low-speed flows that do not reach the victims,making the attack difficult to detect.Traditional LFA defense methods mainly reroute the attack traffic around the congested link,which encounters high complexity and high computational overhead due to the aggregation of massive attack traffic.To address these challenges,we present an LFA defense framework which can mitigate the attack flows at the border switches when they are small in scale.This framework is lightweight and can be deployed at border switches of the network in a distributed manner,which ensures the scalability of our defense system.The performance of our framework is assessed in an experimental environment.The simulation results indicate that our method is effective in detecting and mitigating LFAs with low time complexity. 展开更多
关键词 attack mitigation distributed denial of service(Ddos) link flooding attack(LFA) software defined networking(SDN)
下载PDF
Threshold-Based Software-Defined Networking(SDN)Solution for Healthcare Systems against Intrusion Attacks
13
作者 Laila M.Halman Mohammed J.F.Alenazi 《Computer Modeling in Engineering & Sciences》 SCIE EI 2024年第2期1469-1483,共15页
The healthcare sector holds valuable and sensitive data.The amount of this data and the need to handle,exchange,and protect it,has been increasing at a fast pace.Due to their nature,software-defined networks(SDNs)are ... The healthcare sector holds valuable and sensitive data.The amount of this data and the need to handle,exchange,and protect it,has been increasing at a fast pace.Due to their nature,software-defined networks(SDNs)are widely used in healthcare systems,as they ensure effective resource utilization,safety,great network management,and monitoring.In this sector,due to the value of thedata,SDNs faceamajor challengeposed byawide range of attacks,such as distributed denial of service(DDoS)and probe attacks.These attacks reduce network performance,causing the degradation of different key performance indicators(KPIs)or,in the worst cases,a network failure which can threaten human lives.This can be significant,especially with the current expansion of portable healthcare that supports mobile and wireless devices for what is called mobile health,or m-health.In this study,we examine the effectiveness of using SDNs for defense against DDoS,as well as their effects on different network KPIs under various scenarios.We propose a threshold-based DDoS classifier(TBDC)technique to classify DDoS attacks in healthcare SDNs,aiming to block traffic considered a hazard in the form of a DDoS attack.We then evaluate the accuracy and performance of the proposed TBDC approach.Our technique shows outstanding performance,increasing the mean throughput by 190.3%,reducing the mean delay by 95%,and reducing packet loss by 99.7%relative to normal,with DDoS attack traffic. 展开更多
关键词 Network resilience network management attack prediction software defined networking(SDN) distributed denial of service(Ddos) healthcare
下载PDF
SDN中基于信息熵与机器学习的DDoS攻击检测模型构建 被引量:1
14
作者 鲁顶芝 《无线互联科技》 2024年第6期23-25,共3页
软件定义网络(Software-Defined Network,SDN)的集中控制特征使得网络管理更加灵活高效,但同时也成为网络攻击的主要对象,其中分布式拒绝服务攻击DDoS是SDN面临的主要威胁之一。结合统计学习和机器学习这2种SDN中常用的检测方法,文章分... 软件定义网络(Software-Defined Network,SDN)的集中控制特征使得网络管理更加灵活高效,但同时也成为网络攻击的主要对象,其中分布式拒绝服务攻击DDoS是SDN面临的主要威胁之一。结合统计学习和机器学习这2种SDN中常用的检测方法,文章分析了基于信息熵与机器学习算法的DDoS攻击检测模型,并利用信息熵的阈值判断检测出疑似异常流量,再用决策树算法构建的检测模型检测出DDoS攻击。分类检测模型构建了6个特征属性,并通过计算信息增益值筛选出最优特征子集。通过与其他分类算法模型的比较,该模型提高了检测准确性,减少了检测时间。 展开更多
关键词 软件定义网络 分布式拒绝服务攻击 信息熵 攻击检测
下载PDF
基于深度森林的多类型DDoS攻击检测方法 被引量:1
15
作者 徐精诚 陈学斌 董燕灵 《软件导刊》 2024年第2期106-112,共7页
分布式拒绝服务攻击(DDoS)是网络安全的主要威胁之一。近年来,基于多种不同DDoS攻击方式的混合攻击数量大幅增长,如何在保证精度的前提下同时检测多种类型的DDoS攻击成为亟待解决的问题。为此,提出一种基于深度森林的多类型DDoS攻击检... 分布式拒绝服务攻击(DDoS)是网络安全的主要威胁之一。近年来,基于多种不同DDoS攻击方式的混合攻击数量大幅增长,如何在保证精度的前提下同时检测多种类型的DDoS攻击成为亟待解决的问题。为此,提出一种基于深度森林的多类型DDoS攻击检测方法。该方法首先使用基于平均不纯度的特征选择算法对多类型异常流量数据集进行特征排序与特征筛选;然后使用多粒度扫描对DDoS训练集进行特征提取,并使用级联森林分层训练模型,最终生成可用于DDoS恶意流量检测与分类的深度森林模型。实验结果表明,与6种主流树类集成学习模型相比,基于改进深度森林的DDoS攻击检测方法训练得到的分类器准确率最低提升了0.8%,召回率最低提升了0.9%;与改进前相比,改进后模型准确率提升了1.3%,加权召回率提高了1.3%,训练时间减少了29.7%。模型整体性能有明显提升。 展开更多
关键词 多类型攻击检测 分布式拒绝服务攻击 深度森林 多粒度扫描 级联森林 平均不纯度
下载PDF
电力系统防御DoS网络攻击的机制研究
16
作者 刘治开 张原 刘享秀 《信息与电脑》 2024年第2期209-211,共3页
传统电力系统容易受到网络干扰和攻击,系统中某一部分受到攻击可能会导致整个电力系统瘫痪。由于现代电力系统的广域性和灵活性会导致出现更多的网络攻击点,因此针对新领域研究更多的防御策略变得至关重要。基于此,利用连续时域模型对... 传统电力系统容易受到网络干扰和攻击,系统中某一部分受到攻击可能会导致整个电力系统瘫痪。由于现代电力系统的广域性和灵活性会导致出现更多的网络攻击点,因此针对新领域研究更多的防御策略变得至关重要。基于此,利用连续时域模型对各种攻击策略进行建模,并分析电力系统防御拒绝服务(Denial of Service,DoS)攻击的机制。 展开更多
关键词 电力系统 网络攻击 拒绝服务(dos)
下载PDF
计算机网络中的DDoS攻击检测与防御机制研究
17
作者 郭晓丽 《计算机应用文摘》 2024年第17期164-166,共3页
随着互联网的迅猛发展,计算机网络已成为社会和经济中不可或缺的一部分。然而,人们对网络的过度依赖为恶意攻击者提供了机会,其中分布式拒绝服务(DDoS)攻击是一种常见且严重的威胁。文章深入研究了DDoS攻击的检测与防御机制,旨在为网络... 随着互联网的迅猛发展,计算机网络已成为社会和经济中不可或缺的一部分。然而,人们对网络的过度依赖为恶意攻击者提供了机会,其中分布式拒绝服务(DDoS)攻击是一种常见且严重的威胁。文章深入研究了DDoS攻击的检测与防御机制,旨在为网络提供更加全面、有效的保护。 展开更多
关键词 计算机网络 分布式拒绝服务 恶意攻击 网络安全
下载PDF
DoS攻击下一类非线性系统的事件触发自适应NN控制
18
作者 李靖 韩璐珩 《安庆师范大学学报(自然科学版)》 2024年第1期1-9,共9页
本文研究了一类未知非线性系统在拒绝服务攻击下的弹性控制问题。首先采用反步法、神经网络逼近和事件触发机制设计事件触发自适应神经网络控制器,并证明所引入的事件触发机制可避免Zeno行为。在上述基础上,考虑拒绝服务攻击的影响,设... 本文研究了一类未知非线性系统在拒绝服务攻击下的弹性控制问题。首先采用反步法、神经网络逼近和事件触发机制设计事件触发自适应神经网络控制器,并证明所引入的事件触发机制可避免Zeno行为。在上述基础上,考虑拒绝服务攻击的影响,设计弹性事件触发控制器,并利用Lyapunov稳定性理论证明闭环系统在遭受拒绝服务攻击时仍能保持稳定。最后,运用单连杆机械臂系统验证了该控制策略的有效性。 展开更多
关键词 非线性系统 拒绝服务攻击 事件触发机制 神经网络
下载PDF
Iterative Dichotomiser Posteriori Method Based Service Attack Detection in Cloud Computing
19
作者 B.Dhiyanesh K.Karthick +1 位作者 R.Radha Anita Venaik 《Computer Systems Science & Engineering》 SCIE EI 2023年第2期1099-1107,共9页
Cloud computing(CC)is an advanced technology that provides access to predictive resources and data sharing.The cloud environment represents the right type regarding cloud usage model ownership,size,and rights to acces... Cloud computing(CC)is an advanced technology that provides access to predictive resources and data sharing.The cloud environment represents the right type regarding cloud usage model ownership,size,and rights to access.It introduces the scope and nature of cloud computing.In recent times,all processes are fed into the system for which consumer data and cache size are required.One of the most security issues in the cloud environment is Distributed Denial of Ser-vice(DDoS)attacks,responsible for cloud server overloading.This proposed sys-tem ID3(Iterative Dichotomiser 3)Maximum Multifactor Dimensionality Posteriori Method(ID3-MMDP)is used to overcome the drawback and a rela-tively simple way to execute and for the detection of(DDoS)attack.First,the pro-posed ID3-MMDP method calls for the resources of the cloud platform and then implements the attack detection technology based on information entropy to detect DDoS attacks.Since because the entropy value can show the discrete or aggregated characteristics of the current data set,it can be used for the detection of abnormal dataflow,User-uploaded data,ID3-MMDP system checks and read risk measurement and processing,bug ratingfile size changes,orfile name changes and changes in the format design of the data size entropy value.Unique properties can be used whenever the program approaches any data error to detect abnormal data services.Finally,the experiment also verifies the DDoS attack detection capability algorithm. 展开更多
关键词 ID3(Iterative dichotomiser 3)maximum multifactor dimensionality posterior method(ID3-MMDP) distributed denial of service(Ddos)attacks detection of abnormal dataflow SK measurement and processing bug ratingfile size
下载PDF
Formalized Description of Distributed Denial of Service Attack 被引量:1
20
作者 杜彦辉 马锐 刘玉树 《Journal of Beijing Institute of Technology》 EI CAS 2004年第4期360-364,共5页
The distributed denial of service (DDoS) attack is one of the dangers in intrusion modes. It's difficult to defense and can cause serious damage to the system. Based on a careful study of the attack principles and... The distributed denial of service (DDoS) attack is one of the dangers in intrusion modes. It's difficult to defense and can cause serious damage to the system. Based on a careful study of the attack principles and characteristics, an object-oriented formalized description is presented, which contains a three-level framework and offers full specifications of all kinds of DDoS modes and their features and the relations between one another. Its greatest merit lies in that it contributes to analyzing, checking and judging DDoS. Now this formalized description has been used in a special IDS and it works very effectively.( 展开更多
关键词 distributed) denial of service(Ddos) attack formalized description framework knowledge (expression)
下载PDF
上一页 1 2 28 下一页 到第
使用帮助 返回顶部