Journal on Communications ›› 2018, Vol. 39 ›› Issue (5): 11-22. doi: 10.11959/j.issn.1000-436x.2018073
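Zhijun WU, Liang LIU, Meng YUE
Revised:
2018-02-06
Online:
2018-05-01
Published:
2018-06-01
About the authors:
Zhijun WU (1965-), male, born in Gushi, Henan, Ph.D., professor and doctoral supervisor at Civil Aviation University of China; his main research interest is cyberspace security. | Liang LIU (1991-), male, born in Tianjin, master's student at Civil Aviation University of China; his main research interests are network information security and the detection of low-rate denial of service attacks. | Meng YUE (1984-), male, born in Cangzhou, Hebei, Ph.D., lecturer at Civil Aviation University of China; his main research interests are information security, cloud computing, and the detection of low-rate denial of service attacks.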
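Abstract:
The low-rate denial of service (LDoS) attack is a new type of attack targeting the TCP protocol. It is characterized by a low attack rate and strong concealment, and is difficult for traditional DoS attack detection measures to discover. In view of these characteristics, network big-data analysis techniques are used to mine an LDoS attack feature from the router queue, and kernel principal component analysis (KPCA) is combined with a neural network to propose a new method for detecting LDoS attacks. The method reduces the dimensionality of the router queue features with KPCA and uses the result as the input to the neural network, then uses the self-learning ability of the BP neural network to generate an LDoS classifier, thereby achieving the detection of LDoS attacks. Experimental results show that the method has good detection effectiveness and low computational complexity, and offers some reference value for the design of routers that defend against LDoS attacks.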
Zhijun WU, Liang LIU, Meng YUE. Detection method of LDoS attacks based on combination of ANN & KPCA[J]. Journal on Communications, 2018, 39(5): 11-22.