A low-speed denial of service attack detection method based on an SNN-LOF algorithm

A denial of service attack and detection method technology, applied in computing, computer parts, instruments, etc., can solve problems such as low practicability, high resource consumption, and low accuracy

Active Publication Date: 2019-05-07
HUNAN UNIV
View PDF3 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004]Aiming at the problems of low practicability, high resource consumption and low accuracy of the traditional slow denial of service attack detection method, a slow denial of service attack is proposed Detection method

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A low-speed denial of service attack detection method based on an SNN-LOF algorithm
  • A low-speed denial of service attack detection method based on an SNN-LOF algorithm
  • A low-speed denial of service attack detection method based on an SNN-LOF algorithm

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0023] The present invention will be further described below in conjunction with the accompanying drawings.

[0024] figure 1 It is a schematic diagram of the density clustering algorithm process. The clustering algorithm is mainly to extract an unprocessed sample point from the data sample. If the extracted sample point is a core point, then find all the objects that are reachable from the point density to form a cluster, otherwise the extracted sample point is the boundary point, and then continue to extract the next unprocessed sample point until all sample points have been traversed, and the detection samples are clustered into several clusters.

[0025] figure 2 is the schematic diagram of the fifth distance of the data sample point p. The k-th reachable distance of the data sample point refers to the distance or the actual distance from at least the k-th farthest sample point. According to the reachable distance between each sample point, the local reachable density ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a low-speed denial of service attack detection method based on a shared neighbor density cluster and an outlier factor (SNN-LOF) algorithm, and belongs to the field of networksecurity. The method comprises the following steps of: acquiring flow data information in a key route within a period of time by setting a fixed sampling time interval; And segmenting the flow data toform a plurality of detection units, and counting discrete attributes of the TCP flow and the total flow in each detection unit to form a detection data sample; And constructing a shared neighbor similarity matrix for the detection samples, and performing density clustering by taking the shared neighbor similarity matrix as density measurement to form divided clusters; And introducing a known data sample, calculating an outlier factor of the introduced data by utilizing an outlier factor algorithm, classifying the cluster according to a judgment criterion, and judging whether a slow denial ofservice attack exists or not. The detection method based on SNN-LOF algorithm proposed by the invention can detect slow denial of service attacks accurately, quickly and efficiently..

Description

technical field [0001] The invention belongs to the field of computer network security, and in particular relates to a special denial of service attack detection. Background technique [0002] Slow denial of service attack is a new type of denial of service attack, and the core idea of ​​slow denial of service attack is to attack the bottleneck link or router, causing congestion in an instant, resulting in the loss of a large number of TCP packets, forcing the network to send a congestion signal, Enable the TCP congestion control mechanism at the source end, adjust the sending window size adaptively, and try to restore to a stable state. Periodic attacks will cause fluctuations in TCP traffic transmission performance and severely reduce network throughput. This kind of attack can not only achieve the desired effect, but also easily evade detection, making it very difficult to prevent. Although many methods have been proposed at present, there is still no mature solution. ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/55G06K9/62
Inventor 汤澹郑凯罗能光唐柳吴小雪詹思佳王曦茵陈静文
Owner HUNAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap