DDoS(Distributed Denial of Service)攻击是在传统的DoS攻击上产生的新的网络攻击方式,是Internet面临的最严峻威胁之一,这种攻击带来巨大的网络资源消耗,影响正常的网络访问。DDoS具有分布式特征,攻击源隐蔽,而且该类攻击采用IP伪造技...DDoS(Distributed Denial of Service)攻击是在传统的DoS攻击上产生的新的网络攻击方式,是Internet面临的最严峻威胁之一,这种攻击带来巨大的网络资源消耗,影响正常的网络访问。DDoS具有分布式特征,攻击源隐蔽,而且该类攻击采用IP伪造技术,不易追踪和辨别。任何网络攻击都会产生异常流量,DDoS也不例外,分布式攻击导致这种现象更加明显。主要研究利用神经网络技术并借助IP标记辅助来甄别异常流量中的网络数据包,方法是:基于DDoS攻击总是通过多源头发起对单一目标攻击的特点,通过IP标记技术对路由器上网路包进行标记,获得反映网络流量的标记参数,作为神经网络的输入参数相量;再对BP神经网络进行训练,使其能识别DDoS攻击引起的异常流量;最后,训练成熟的神经网络即可在运行时有效地甄别并防御DDoS攻击,提高网络资源的使用效率。通过实验证明了神经网络技术防御DDoS攻击是可行和高效的。展开更多
Denial of Service(DoS/DDoS)intrusions are damaging cyberattacks,and their identification is of great interest to the Intrusion Detection System(IDS).Existing IDS are mainly based on Machine Learning(ML)methods includi...Denial of Service(DoS/DDoS)intrusions are damaging cyberattacks,and their identification is of great interest to the Intrusion Detection System(IDS).Existing IDS are mainly based on Machine Learning(ML)methods including Deep Neural Networks(DNN),but which are rarely hybridized with other techniques.The intrusion data used are generally imbalanced and contain multiple features.Thus,the proposed approach aims to use a DNN-based method to detect DoS/DDoS attacks using CICIDS2017,CSE-CICIDS2018 and CICDDoS 2019 datasets,according to the following key points.a)Three imbalanced CICIDS2017-2018-2019 datasets,including Benign and DoS/DDoS attack classes,are used.b)A new technique based on K-means is developed to obtain semi-balanced datasets.c)As a feature selectionmethod,LDA(Linear Discriminant Analysis)performance measure is chosen.d)Four metaheuristic algorithms,counting Artificial Immune System(AIS),Firefly Algorithm(FA),Invasive Weeds Optimization(IWO)and Cuckoo Search(CS)are used,for the first time together,to increase the performance of the suggested DNN-based DoS attacks detection.The experimental results,based on semi-balanced training and test datasets,indicated that AIS,FA,IWO and CS-based DNNs can achieve promising results,even when cross-validated.AIS-DNN yields a tested accuracy of 99.97%,99.98%and 99.99%,for the three considered datasets,respectively,outperforming performance established in several related works.展开更多
文摘DDoS(Distributed Denial of Service)攻击是在传统的DoS攻击上产生的新的网络攻击方式,是Internet面临的最严峻威胁之一,这种攻击带来巨大的网络资源消耗,影响正常的网络访问。DDoS具有分布式特征,攻击源隐蔽,而且该类攻击采用IP伪造技术,不易追踪和辨别。任何网络攻击都会产生异常流量,DDoS也不例外,分布式攻击导致这种现象更加明显。主要研究利用神经网络技术并借助IP标记辅助来甄别异常流量中的网络数据包,方法是:基于DDoS攻击总是通过多源头发起对单一目标攻击的特点,通过IP标记技术对路由器上网路包进行标记,获得反映网络流量的标记参数,作为神经网络的输入参数相量;再对BP神经网络进行训练,使其能识别DDoS攻击引起的异常流量;最后,训练成熟的神经网络即可在运行时有效地甄别并防御DDoS攻击,提高网络资源的使用效率。通过实验证明了神经网络技术防御DDoS攻击是可行和高效的。
文摘Denial of Service(DoS/DDoS)intrusions are damaging cyberattacks,and their identification is of great interest to the Intrusion Detection System(IDS).Existing IDS are mainly based on Machine Learning(ML)methods including Deep Neural Networks(DNN),but which are rarely hybridized with other techniques.The intrusion data used are generally imbalanced and contain multiple features.Thus,the proposed approach aims to use a DNN-based method to detect DoS/DDoS attacks using CICIDS2017,CSE-CICIDS2018 and CICDDoS 2019 datasets,according to the following key points.a)Three imbalanced CICIDS2017-2018-2019 datasets,including Benign and DoS/DDoS attack classes,are used.b)A new technique based on K-means is developed to obtain semi-balanced datasets.c)As a feature selectionmethod,LDA(Linear Discriminant Analysis)performance measure is chosen.d)Four metaheuristic algorithms,counting Artificial Immune System(AIS),Firefly Algorithm(FA),Invasive Weeds Optimization(IWO)and Cuckoo Search(CS)are used,for the first time together,to increase the performance of the suggested DNN-based DoS attacks detection.The experimental results,based on semi-balanced training and test datasets,indicated that AIS,FA,IWO and CS-based DNNs can achieve promising results,even when cross-validated.AIS-DNN yields a tested accuracy of 99.97%,99.98%and 99.99%,for the three considered datasets,respectively,outperforming performance established in several related works.