DDoS attack detection method based on chaos theory analysis

A technology of chaos theory and attack detection, applied in the direction of secure communication, digital transmission system, and electrical components through chaotic signals, can solve difficult problems such as network behavior supervision and auditing, and achieve strong purpose and deterministic effects
CN110557397AInactive Publication Date: 2019-12-10GUIZHOU POWER GRID CO LTD
4 Cites 7 Cited by

Patent Information

Authority / Receiving Office
CN · China
Current Assignee / Owner
GUIZHOU POWER GRID CO LTD
Publication Date
2019-12-10
Estimated Expiration
Not applicable · inactive patent

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
  • Figure 3
    Figure 3
Patent Text Reader

Abstract

The invention discloses a DDoS (Distributed Denial of Service) attack detection method based on chaos theory analysis, which comprises the following steps: step 1, collecting information network flowdata, and preprocessing the collected flow data; 2, establishing a network normal flow model by adopting a sequence prediction algorithm in the time sequence model; 3, performing subtraction on the network flow normal model and the network flow measurement value to obtain a corresponding new sequence, thereby obtaining an abnormal subsequence of the network flow; 4, analyzing the abnormal subsequence by adopting a Lyapunov exponent in a chaos theory, and judging the state of the system at the current moment. The technical problems that in the prior art, due to the fact that most of attack flows speak from single data, no obvious malicious feature exists, and even a legal normal request appears, the DDoS attack has great difficulty in detection, and at present, there is no effective solution to detect the DDoS attack to eradicate or reduce the brought harm can be solved.
Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] The invention belongs to network attack detection technology, in particular to a DDoS attack detection method based on chaos theory analysis. Background technique

[0002] The DDoS attack process is roughly divided into the following steps:

[0003] (1) Collect host information: Target hosts refer to hosts with low self-defense capabilities within a certain range. The process of collecting host information is mainly to obtain important information about target hosts that can be infected. Opening status, IP address and bandwidth capacity, etc. (2) Find the victim host: There are various ways to infect the victim host, and most of them use port scanning to find those hosts with configuration errors and weak system protection as the primary infectors. At the same time, those network hosts that are less updated and less maintained are also the best infection targets for attackers. (3) Control the victim host: When the victim network host is infected by ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More