DDoS attack detection method based on chaos theory analysis

A technology of chaos theory and attack detection, applied in the direction of secure communication, digital transmission system, and electrical components through chaotic signals, can solve difficult problems such as network behavior supervision and auditing, and achieve strong purpose and deterministic effects

Inactive Publication Date: 2019-12-10
GUIZHOU POWER GRID CO LTD
View PDF4 Cites 7 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

This "stateless" feature makes it difficult for managers to effectively su

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • DDoS attack detection method based on chaos theory analysis
  • DDoS attack detection method based on chaos theory analysis
  • DDoS attack detection method based on chaos theory analysis

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0072] The present invention uses readable files of network data information to construct a normal network traffic model, and then designs a network distributed abnormal behavior detection algorithm based on chaos theory. The process is as follows:

[0073] 1. Collect large-scale communication network traffic data, and preprocess the traffic information according to the needs of the research.

[0074] 2. Use the sequence prediction algorithm in the time series model to establish a normal network traffic model.

[0075] 3. The predicted normal model of network traffic is subtracted from the measured value of network traffic to obtain the corresponding innovation sequence, thereby obtaining the abnormal subsequence of network traffic.

[0076] 4. Use the Lyapunov exponent in chaos theory to analyze the abnormal subsequence, and detect whether the system is chaotic or non-chaotic at the current moment.

[0077] 5. If a DDoS attack occurs, the current system is non-chaotic. The ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a DDoS (Distributed Denial of Service) attack detection method based on chaos theory analysis, which comprises the following steps: step 1, collecting information network flowdata, and preprocessing the collected flow data; 2, establishing a network normal flow model by adopting a sequence prediction algorithm in the time sequence model; 3, performing subtraction on the network flow normal model and the network flow measurement value to obtain a corresponding new sequence, thereby obtaining an abnormal subsequence of the network flow; 4, analyzing the abnormal subsequence by adopting a Lyapunov exponent in a chaos theory, and judging the state of the system at the current moment. The technical problems that in the prior art, due to the fact that most of attack flows speak from single data, no obvious malicious feature exists, and even a legal normal request appears, the DDoS attack has great difficulty in detection, and at present, there is no effective solution to detect the DDoS attack to eradicate or reduce the brought harm can be solved.

Description

technical field [0001] The invention belongs to network attack detection technology, in particular to a DDoS attack detection method based on chaos theory analysis. Background technique [0002] The DDoS attack process is roughly divided into the following steps: [0003] (1) Collect host information: Target hosts refer to hosts with low self-defense capabilities within a certain range. The process of collecting host information is mainly to obtain important information about target hosts that can be infected. Opening status, IP address and bandwidth capacity, etc. (2) Find the victim host: There are various ways to infect the victim host, and most of them use port scanning to find those hosts with configuration errors and weak system protection as the primary infectors. At the same time, those network hosts that are less updated and less maintained are also the best infection targets for attackers. (3) Control the victim host: When the victim network host is infected by ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L9/00
CPCH04L9/001H04L63/1416H04L63/1425
Inventor 王颖舒刘晴左宇张娟娟袁舒黄韬徐拓之李易韦倩
Owner GUIZHOU POWER GRID CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap