Method of using hidden Markov model to detect LDoS (Low-Rate Denial of Service) attack

A hidden Markov, model detection technology, applied in electrical components, transmission systems, etc., can solve problems such as large amount of calculation and low detection rate

Inactive Publication Date: 2016-01-13
CIVIL AVIATION UNIV OF CHINA
View PDF3 Cites 20 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, this method also has prominent shortcomings, that is, a large amount of calcula

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method of using hidden Markov model to detect LDoS (Low-Rate Denial of Service) attack
  • Method of using hidden Markov model to detect LDoS (Low-Rate Denial of Service) attack
  • Method of using hidden Markov model to detect LDoS (Low-Rate Denial of Service) attack

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0037] 1. First verify the LDoS attack detection effect, use NS-2 to build a test environment, Figure 5 The topology structure is a dumbbell-shaped structure, which can represent the characteristics of the actual network. Nodes 0 and 1 are routers, nodes 2 are FTP servers, nodes 3 and 4 are attackers, nodes 5, 6, and 7 are normal users. The link bandwidth between the legitimate user, the LDoS attacker and the router is 100Mbps, the one-way delay is 10ms, the link bandwidth between the routers is 10Mbps, the one-way delay is 10ms, and the link bandwidth between the router and the server is 100Mbps, one-way delay is 10ms. The send queue size of the router is 100 packets. The experiment starts at 0s and ends at 150s. The 3 normal traffic starts at 0s and ends at 150s, and the attack traffic starts at 100s and ends at 150s. Nodes 3 and 4 are attackers with an attack rate of 6Mbps, an attack period of 1150ms, and an attack pulse width of 200ms. 3, 4 nodes start attacking at t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

A LDoS (Low-Rate Denial of Service) attack has features of low average rate and strong hidden performance. The traditional detection method does work. The invention provides a LDoS attack detection method based on the hidden Markov model for the LDoS attack. Firstly, the hidden Markov model is built for a network state, and a detection result in a NCPSD (Normalized Cumulative Power Spectrum Density) method serves as an observation value of the hidden Markov model; forward algorithm is used to obtain deviation of different observation value sequences in the model to serve as a detection basis; and in NS-2, the detection method is tested, experimental results show that the method can effectively detect the LDoS attack, and compared with other methods, the detection performance is better. The detection rate is 99.96% through hypothesis test, and the method has the advantages of high detection probability, low false alarm rate and low missed alarm rate.

Description

technical field [0001] The invention relates to a computer network security technology, especially for the detection of low-rate denial of service (Low-rate Denial of Service, LDoS) attack, which can detect the attack with high accuracy. Background technique [0002] Low rate denial of service LDoS attack is a new type of denial of service (Denial of Service, DoS) attack. Since the day the LDoS attack was discovered, it has been a research hotspot in the field of network security. The essence of LDoS attack is to use the loopholes in the adaptive mechanism of the network system to cause false congestion and force the service quality of TCP connections to be greatly reduced. According to statistics, more than 80% of traffic in the network is TCP, therefore, LDoS attacks will pose a huge threat. LDoS attacks do not need to maintain a high attack rate all the time, but only need to send high-rate short-pulse attack streams in a fixed period. Therefore, the average rate of LD...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/1458
Inventor 岳猛刘亮
Owner CIVIL AVIATION UNIV OF CHINA
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap