Unlock instant, AI-driven research and patent intelligence for your innovation.

DDoS attack traffic peak value prediction method based on machine learning

A technology of attacking traffic and machine learning, applied in digital transmission systems, data exchange networks, electrical components, etc., can solve problems such as routing strategy failure, protection effect reduction, failure, etc.

Active Publication Date: 2018-09-25
PEKING UNIV
View PDF7 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, there is no good solution for how to quickly and effectively select a routing strategy
And as the routing strategy changes, the attacker will also adjust his attack mode to make the routing strategy invalid, or choose a poor path, so that the protection effect is reduced or even invalid.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • DDoS attack traffic peak value prediction method based on machine learning
  • DDoS attack traffic peak value prediction method based on machine learning
  • DDoS attack traffic peak value prediction method based on machine learning

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0046] Such as figure 1 The system shown is mainly divided into two parts, the first part is model training and the second part is traffic prediction. In the model training part, this system uses the existing DDoS data set for feature extraction and uses the method of integrated learning for training. In the traffic prediction part, when a DDoS attack is detected, the corresponding attack traffic input feature extraction module extracts the attack time feature set, and the normal traffic feature set and the attack feature set are spliced ​​together and input into the trained model. The model outputs predictions based on the set of features.

[0047] During the training phase, according to figure 2 , firstly find the existing public DDoS attack traffic data set, which is MIT DARPA1998DataSet used in this embodiment. Extract 90% of the data as the training data, and for each attack i in the training data, extract the traffic of T(i) seconds from the beginning of the attack t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a DDoS attack traffic peak value prediction method based on machine learning. For each attack, a feature set capable of describing the attack behavior is extracted by means ofan existing DDoS data set, a traffic peak value of the attack is predicted by combining a feature set of an attacked system by means of a machine learning method, therefore, an appropriate routing policy can be selected by referencing for a prediction result according to the machine group deployment condition, and then the loss brought by the attack is reduced maximally.

Description

technical field [0001] The invention relates to a traffic peak prediction method in a DDoS attack, in particular to a machine learning-based DDoS attack traffic peak prediction method, which belongs to the technical field of computer applications. Background technique [0002] The purpose of a DDoS attack is to prevent the system from serving other normal users by certain means. Two forms can often be used. One is to use system and software vulnerabilities to send carefully constructed data packets to the system, causing the system to crash or restart abnormally. A large number of data packets are sent to the target system, using useless information to exhaust the server resources or bandwidth of the system, so that the data packets of normal users cannot be processed or even received. Eventually the system becomes unresponsive to normal users. For the first attack method that exploits system vulnerabilities, we can find out system vulnerabilities and repair them to achiev...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/24
CPCH04L41/145H04L41/147H04L63/1416H04L63/1458
Inventor 韩心慧魏爽武新逢丁怡婧黎桐辛
Owner PEKING UNIV