Journal on Communications ›› 2022, Vol. 43 ›› Issue (11): 53-64.doi: 10.11959/j.issn.1000-436x.2022216
• Papers • Previous Articles Next Articles
Xueyuan DUAN1,2,3, Yu FU1, Kun WANG1,4, Bin LI1
Revised:
2022-10-20
Online:
2022-11-25
Published:
2022-11-01
Supported by:
CLC Number:
Xueyuan DUAN, Yu FU, Kun WANG, Bin LI. LDoS attack detection method based on simple statistical features[J]. Journal on Communications, 2022, 43(11): 53-64.
"
攻击种类 | 准确率 | 召回率 | 精确率 | 误警率 | F1值 |
Pwnloris | 0.979 4 | 0.961 1 | 0.937 7 | 0.016 0 | 0.949 2 |
Hping | 0.969 4 | 0.947 2 | 0.904 5 | 0.025 0 | 0.925 4 |
Torshammer | 0.968 9 | 0.955 6 | 0.895 8 | 0.027 8 | 0.924 7 |
Slowloris | 0.962 2 | 0.936 1 | 0.882 2 | 0.031 3 | 0.908 4 |
Httpbog | 0.964 4 | 0.930 6 | 0.895 7 | 0.027 1 | 0.912 8 |
Slowhttptest | 0.951 7 | 0.952 8 | 0.830 5 | 0.048 6 | 0.887 5 |
平均值 | 0.966 0 | 0.947 2 | 0.891 1 | 0.029 3 | 0.918 0 |
"
检测方法 | 实验数据 | 数据来源 | 准确率 | 召回率 | 精确率 | 误警率 | F1值 | 消耗时间/ms |
联合特征 | 自采集数据 | 实际网络环境中搭建的Test-bed实验平台 | — | 0.966 8 | — | 0.038 9 | — | — |
PCA-SVM | 自采集数据 | NS-2试验平台 | 0.924 7 | 0.951 6 | — | 0.068 8 | — | — |
SDN-MLP | CICDoS2017 | 公开数据集 | 0.950 1 | 0.945 1 | 0.954 6 | 0.005 2 | 0.949 8 | — |
MF-Adaboost | 自采集数据 | NS-2试验平台 | — | 0.970 6 | — | 0.003 3 | — | — |
FF-CNN | CICDoS2017 | 公开数据集 | 0.990 0 | 0.963 0 | 0.975 0 | — | 0.969 0 | 0.003 8 |
LSTM-GAN | 自采集数据 | 实际网络环境及模拟攻击平台 | 0.949 9 | 0.942 8 | 0.910 3 | 0.046 6 | 0.926 2 | 0.580 0 |
[1] | WU Z J , LI W J , LIU L ,et al. Low-rate DoS attacks,detection,defense,and challenges:a survey[J]. IEEE Access, 2020,8: 43920-43943. |
[2] | ADI E , BAIG Z , LAM C P ,et al. Low-rate denial-of-service attacks against HTTP/2 services[C]// Proceedings of 2015 5th International Conference on IT Convergence and Security (ICITCS). Piscataway:IEEE Press, 2015: 1-5. |
[3] | 李洪成, 吴晓平, 姜洪海 . 基于改进聚类分析的网络流量异常检测方法[J]. 网络与信息安全学报, 2015,1(1): 66-71. |
LI H C , WU X P , JIANG H H . Traffic anomaly detection method in networks based on improved clustering algorithm[J]. Chinese Journal of Network and Information Security, 2015,1(1): 66-71. | |
[4] | MANIMURUGAN S , ALMUTAIRI S . A user-based video recommendation approach using CAC filtering,PCA with LDOS-CoMoDa[J]. The Journal of Supercomputing, 2022,78(7): 9377-9391. |
[5] | 李佳, 云晓春, 李书豪 ,等. 基于混合结构深度神经网络的 HTTP恶意流量检测方法[J]. 通信学报, 2019,40(1): 24-33. |
LI J , YUN X C , LI S H ,et al. HTTP malicious traffic detection method based on hybrid structure deep neural network[J]. Journal on Communications, 2019,40(1): 24-33. | |
[6] | SHI W , TANG D , ZHAN S J ,et al. An approach for detecting LDoS attack based on cloud model[J]. Frontiers of Computer Science, 2022,16(6): 1-12. |
[7] | KUZMANOVIC A , KNIGHTLY E W . Low-rate TCP-targeted denial of service attacks and counter strategies[C]// Proceedings of IEEE/ACM Transactions on Networking. Piscataway:IEEE Press, 2005: 683-696. |
[8] | LIU L , WANG H Y , WU Z J ,et al. The detection method of low-rate DoS attack based on multi-feature fusion[J]. Digital Communications and Networks, 2020,6(4): 504-513. |
[9] | SHARAFALDIN I , GHARIB A , LASHKARI A H ,et al. Towards a reliable intrusion detection benchmark dataset[J]. Software Networking, 2017,2017(1): 177-200. |
[10] | 吴志军, 张景安, 岳猛 ,等. 基于联合特征的LDoS攻击检测方法[J]. 通信学报, 2017,38(5): 19-30. |
WU Z J , ZHANG J G , YUE M ,et al. Approach of detecting low-rate DoS attack based on combined features[J]. Journal on Communications, 2017,38(5): 19-30. | |
[11] | WU Z J , ZHANG L Y , YUE M . Low-rate DoS attacks detection based on network multifractal[J]. IEEE Transactions on Dependable and Secure Computing, 2016,13(5): 559-567. |
[12] | LIU D L , SHUAI D X . Multifractal characteristic quantities of network traffic models[C]// Grid and Cooperative Computing. Berlin:Springer, 2004: 413-417. |
[13] | ZHANG C W , CAI Z P , CHEN W F ,et al. Flow level detection and filtering of low-rate DDoS[J]. Computer Networks, 2012,56(15): 3417-3431. |
[14] | WU Z J , WANG M X , YAN C C ,et al. Low-rate DoS attack flows filtering based on frequency spectral analysis[J]. China Communications, 2017,14(6): 98-112. |
[15] | 杜臻, 马立鹏, 孙国梓 . 一种基于小波分析的网络流量异常检测方法[J]. 计算机科学, 2019,46(8): 178-182. |
DU Z , MA L P , SUN G Z . Network traffic anomaly detection based on wavelet analysis[J]. Computer Science, 2019,46(8): 178-182. | |
[16] | AGRAWAL N , TAPASWI S . Low rate cloud DDoS attack defense method based on power spectral density analysis[J]. Information Processing Letters, 2018,138: 44-50. |
[17] | BRYNIELSSON J , SHARMA R . Detectability of low-rate HTTP server DoS attacks using spectral analysis[C]// Proceedings of 2015 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM). Piscataway:IEEE Press, 2015: 954-961. |
[18] | WU X X , TANG D , TANG L ,et al. A low-rate DoS attack detection method based on Hilbert spectrum and correlation[C]// Proceedings of 2018 IEEE SmartWorld,Ubiquitous Intelligence & Computing,Advanced & Trusted Computing,Scalable Computing & Communications,Cloud & Big Data Computing,Internet of People and Smart City Innovation (SmartWorld/SCALCOM/UIC/ATC/CBDCom/IOP/SCI). Piscataway:IEEE Press, 2018: 1358-1363. |
[19] | SWAMI R , DAVE M , RANGA V . Defending DDoS against software defined networks using entropy[C]// Proceedings of 2019 4th International Conference on Internet of Things:Smart Innovation and Usages (IoT-SIU). Piscataway:IEEE Press, 2019: 1-5. |
[20] | ZHANG D S , TANG D , TANG L ,et al. PCA-SVM-based approach of detecting low-rate DoS attack[C]// Proceedings of 2019 IEEE 21st International Conference on High Performance Computing and Communications; IEEE 17th International Conference on Smart City; IEEE 5th International Conference on Data Science and Systems. Piscataway:IEEE Press, 2019: 1163-1170. |
[21] | YAN Y D , TANG D , ZHAN S J ,et al. Low-rate DoS attack detection based on improved logistic regression[C]// Proceedings of 2019 IEEE 21st International Conference on High Performance Computing and Communications; IEEE 17th International Conference on Smart City;IEEE 5th International Conference on Data Science and Systems. Piscataway:IEEE Press, 2019: 468-476. |
[22] | PéREZ-DíAZ J A , VALDOVINOS I A , CHOO K K R ,et al. A flexible SDN-based architecture for identifying and mitigating low-rate DDoS attacks using machine learning[J]. IEEE Access, 2020,8: 155859-155872. |
[23] | TANG D , TANG L , DAI R ,et al. MF-Adaboost:LDoS attack detection based on multi-features and improved Adaboost[J]. Future Generation Computer Systems, 2020,106: 347-359. |
[24] | ILANGO H S , MA M D , SU R . A FeedForward-convolutional neural network to detect low-rate DoS in IoT[J]. Engineering Applications of Artificial Intelligence, 2022,114:105059. |
[25] | TANG D , TANG L , SHI W ,et al. MF-CNN:a new approach for LDoS attack detection based on multi-feature fusion and CNN[J]. Mobile Networks and Applications, 2021,26(4): 1705-1722. |
[26] | AGARWAL A , PRASAD A , RUSTOGI R ,et al. Detection and mitigation of fraudulent resource consumption attacks in cloud using deep learning approach[J]. Journal of Information Security and Applications, 2021,56:102672. |
[27] | XU C Y , SHEN J Z , DU X . Low-rate DoS attack detection method based on hybrid deep neural networks[J]. Journal of Information Security and Applications, 2021,60:102879. |
[28] | CHEN X H , DENG L W , HUANG F T ,et al. DAEMON:unsupervised anomaly detection and interpretation for multivariate time series[C]// Proceedings of 2021 IEEE 37th International Conference on Data Engineering. Piscataway:IEEE Press, 2021: 2225-2230. |
[29] | ANDREAS V , MICHAEL W , SERGE B . Residual networks behave like ensembles of relatively shallow networks[C]// Advances in Neural Information Processing Systems. Massachusetts:MIT Press, 2016: 550-558. |
[1] | Dongyu CHEN, Hua CHEN, Limin FAN, Yifang FU, Jian WANG. Research on test strategy for randomness based on deep learning [J]. Journal on Communications, 2023, 44(6): 23-33. |
[2] | Rongpeng LI, Bingyan WANG, Honggang ZHANG, Zhifeng ZHAO. Design of knowledge enhanced semantic communication receiver [J]. Journal on Communications, 2023, 44(6): 70-76. |
[3] | Shuai MA, Ke PEI, Huayan QI, Hang LI, Wen CAO, Hongmei WANG, Hailiang XIONG, Shiyin LI. Research on geomagnetic indoor high-precision positioning algorithm based on generative model [J]. Journal on Communications, 2023, 44(6): 211-222. |
[4] | Jie YANG, Biao DONG, Xue FU, Yu WANG, Guan GUI. Lightweight decentralized learning-based automatic modulation classification method [J]. Journal on Communications, 2022, 43(7): 134-142. |
[5] | Xiuzhang YANG, Guojun PENG, Zichuan LI, Yangqi LYU, Side LIU, Chenguang LI. Research on entity recognition and alignment of APT attack based on Bert and BiLSTM-CRF [J]. Journal on Communications, 2022, 43(6): 58-70. |
[6] | Yong LIAO, Shiyi WANG. CSI feedback algorithm based on RM-Net for massive MIMO systems in high-speed mobile environment [J]. Journal on Communications, 2022, 43(5): 166-176. |
[7] | Yurong LIAO, Haining WANG, Cunbao LIN, Yang LI, Yuqiang FANG, Shuyan NI. Research progress of deep learning-based object detection of optical remote sensing image [J]. Journal on Communications, 2022, 43(5): 190-203. |
[8] | Zenghua ZHAO, Yuefan TONG, Jiayang CUI. Device-independent Wi-Fi fingerprinting indoor localization model based on domain adaptation [J]. Journal on Communications, 2022, 43(4): 143-153. |
[9] | Lixia XIE, Xueou LI, Hongyu YANG, Liang ZHANG, Xiang CHENG. Multi-stage detection method for APT attack based on sample feature reinforcement [J]. Journal on Communications, 2022, 43(12): 66-76. |
[10] | Yong LIAO, Gang CHENG, Yujie LI. CSI feedback algorithm based on deep unfolding for massive MIMO systems [J]. Journal on Communications, 2022, 43(12): 77-88. |
[11] | Junyan HUO, Ruipeng QIU, Yanzhuo MA, Fuzheng YANG. Reference frame list optimization algorithm in video coding by quality enhancement of the nearest picture [J]. Journal on Communications, 2022, 43(11): 136-147. |
[12] | Haiyan KANG, Yuanrui JI. Research on federated learning approach based on local differential privacy [J]. Journal on Communications, 2022, 43(10): 94-105. |
[13] | Hongxia ZHANG, Qi WANG, Dengyue WANG, Ben WANG. Honeypot contract detection of blockchain based on deep learning [J]. Journal on Communications, 2022, 43(1): 194-202. |
[14] | Yan YAN, Yiming CONG, Mahmood Adnan, Quanzheng SHENG. Statistics release and privacy protection method of location big data based on deep learning [J]. Journal on Communications, 2022, 43(1): 203-216. |
[15] | Ye ZHU, Yilin YU, Yingchun GUO. HRDA-Net: image multiple manipulation detection and location algorithm in real scene [J]. Journal on Communications, 2022, 43(1): 217-226. |
Viewed | ||||||
Full text |
|
|||||
Abstract |
|
|||||
|