Burst traffic detection method based on dynamic threshold

A burst flow, dynamic threshold technology, applied in the field of network security, can solve the problem of not being able to adapt to the dynamic changing network environment, and achieve the effect of low false alarm rate, strong practicability, and ensuring network security.

Active Publication Date: 2016-02-24
THE PLA INFORMATION ENG UNIV
View PDF5 Cites 24 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] In view of the above situation, in order to overcome the defects of the prior art, the object of the present invention is to provide a burst traffic detection method based on a dynamic threshold, which can effectively realize real-time online detection of burst traffic in a high-speed network environment, and solve the problem of using a fixed threshold. The method cannot adapt well to the problem of dynamically changing network environment

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Burst traffic detection method based on dynamic threshold
  • Burst traffic detection method based on dynamic threshold
  • Burst traffic detection method based on dynamic threshold

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0010] The specific implementation manners of the present invention will be described in detail below in conjunction with the accompanying drawings and specific conditions.

[0011] according to figure 1 Shown, the present invention is realized by following steps in concrete implementation:

[0012] (1) Generation of the initial sliding window:

[0013] The first w detection cycles are normal traffic, and the network traffic data containing burst traffic in the middle or later is used as input, and the first detection cycle is detected from the very beginning of the network traffic, and the network traffic in each detection cycle Calculate its original entropy value, and move backward one detection cycle each time to obtain an original entropy value sequence and a normal entropy value sequence to form the current sliding window. The size of the sliding window is in the normal entropy value sequence and used as a reference value The number of normal entropy values ​​of , deno...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a burst traffic detection method based on dynamic threshold. By means of the method, the burst traffic in a high-speed network environment can be effectively detected on line in real time, and the problem that a fixed threshold method cannot well adapt to the dynamically changing network environment is solved. According to the technical scheme, a threshold is dynamically adjusted according to the source IP entropy value of the normal historical traffic, a sliding window mechanism is introduced, and burst traffic is detected by comparing whether the difference value between the current detection value and the average entropy value of a sliding window exceeds the dynamic threshold; the method comprises steps as follows: generation of an initial sliding window, generation of a reference value, generation of the current detection value, abnormality judgment of the current detection value, processing of normal traffic and processing of burst traffic. The detection method is rapid, simple, high in detection rate and low in false rate, the network safety is effectively guaranteed, and the detection method has high practicability and huge economic and social benefits.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a dynamic threshold-based burst flow detection method for network burst flow detection. Background technique [0002] With the continuous development of Internet technology, especially the continuous emergence of various Web applications, the Internet has increasingly become an indispensable part of people's daily work, life, and study. Along with the substantial growth of normal network application traffic, various abnormal traffic also follows, especially the sudden traffic caused by DDoS attacks, which seriously affects network communication and network services. It is of great practical significance and practical value to quickly and accurately detect network burst traffic, thereby further providing reliable basis for network traffic management and control. The burst traffic refers to a large amount of network traffic (that is, network data packets) that suddenly ap...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/1458
Inventor 尹美娟刘晓楠罗军勇骆凯刘琰丁文博
Owner THE PLA INFORMATION ENG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap