Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Application layer DDoS attack detection method based on logistic regression

A logistic regression and attack detection technology, applied to electrical components, transmission systems, etc., can solve the problems that restrict the effectiveness of DDoS attack detection at the application layer, high computational complexity, low detection rate, etc., and achieve reduced overhead and accurate models Parameters, Model Simple Effects

Inactive Publication Date: 2018-02-23
TIANJIN UNIV
View PDF1 Cites 7 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] The detection technology for application-layer DDoS attacks has been paid more and more attention, but traditional detection methods have problems such as high false positive rate, low detection rate, and high computational complexity, which restrict the application-layer DDoS attack detection. effectiveness

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Application layer DDoS attack detection method based on logistic regression
  • Application layer DDoS attack detection method based on logistic regression
  • Application layer DDoS attack detection method based on logistic regression

Examples

Experimental program
Comparison scheme
Effect test

Embodiment approach

[0020] The present invention will be further described below through specific embodiments and accompanying drawings. This example is only intended to illustrate an implementation method of the present invention, and does not represent a limitation on the scope of coverage of the present invention.

[0021] A kind of application layer DDoS attack detection method based on logistic regression of the present invention, the specific implementation process is described as follows:

[0022] The first step is to obtain the access log of the application layer server, and perform data cleaning on the obtained log.

[0023] Set the sliding time window to 1 hour, obtain user access logs within 1 hour, and then perform data cleaning on the obtained log set. The purpose of this is to remove redundant access records. When a user clicks on a page, they will also request static resources embedded in the page, such as: text, pictures, and page styles embedded in the page. Only keep user req...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to an application layer DDoS attack detection method based on logistic regression. The method comprises the following steps: with the IP address of an access user as an identifier, extracting a feature set of user access behaviors; calculating a logistic regression function value of the user; obtaining the maximum likelihood function according to a logistic regression model,wherein the loss function of the logistic regression model is the opposite number of the maximum likelihood function; with the loss function as the target function, solving the target function by using a quantum particle swarm optimization algorithm to obtain the parameters of the logistic regression model, so that the target value of the loss function is the maximal; and predicting the unmarked user features by using the solved logistic regression model to obtain the category of the user.

Description

technical field [0001] The invention relates to the field of computer network security, in particular to an application layer DDoS attack detection method. technical background [0002] Early DDoS attacks were based on the network layer, and attackers mostly used network layer protocol vulnerabilities to launch attacks. For example, SYN Flood, ICMP Flood, etc. sent a large number of data packets to the target host, causing flood attacks and paralyzing the host. At present, due to the continuous improvement of network layer protocols and the maturity of such attack detection technologies, most target hosts can detect and filter such attack flows. In order to effectively carry out the attack again, the attacker adopts a DDoS attack targeting the application layer, which has the characteristics of strong concealment and remarkable attack effect. The attacker uses the real IP of the zombie machine to establish a TCP connection with the server to send legitimate requests, which ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/1458
Inventor 张雪博刘敬浩
Owner TIANJIN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products