LDoS attack detection method based on MF-Ada algorithm

An attack detection and algorithm technology, applied to electrical components, transmission systems, etc., can solve problems such as high false alarm rate, poor adaptive ability, and high false alarm rate

Inactive Publication Date: 2020-08-28
HUNAN UNIV
View PDF3 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] Aiming at the deficiencies of traditional LDoS attack detection methods, such as high false alarm rate, high false negative rate and poor self-adaptive ability, a method for LDoS attack detection is proposed.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • LDoS attack detection method based on MF-Ada algorithm
  • LDoS attack detection method based on MF-Ada algorithm
  • LDoS attack detection method based on MF-Ada algorithm

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0033] The present invention will be further described below in conjunction with the accompanying drawings.

[0034] Such as figure 1 As shown, the LDoS attack detection method mainly includes four steps: data sampling, data processing, model training, and judgment detection. Among them, data sampling refers to sampling network traffic at fixed time intervals to form a training set and a feature set. Data processing includes two parts: network traffic feature extraction and feature selection. Model training refers to the ability of the Adaboost classification model to acquire the ability to detect LDoS attacks through training data. Judgment detection means that the detection model detects LDoS attacks on the test set based on the judgment criteria.

[0035] figure 2 Score the correlation between the sample feature data and the corresponding true category of the data piece. This process includes two steps, specifically: 1) Based on the chi-square test algorithm, the P valu...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a low-speed denial of service (LDoS) attack detection method based on multi-flow characteristics and an Adaboost (MF-Ada) algorithm, and belongs to the field of network security. The method comprises the following steps: in unit time, capturing all related data messages in a network key routing node to form a training sample and a test sample; performing feature extractionand feature selection on the training sample and the test sample to obtain optimal feature data of the training sample and optimal feature data of the test sample; training an Adaboost classificationmodel by using the optimal feature data of the training sample, so that the Adaboost classification model learns and memorizes the features of the LDoS attack to obtain a model capable of being used for LDoS attack detection; and detecting the optimal feature data of the test sample by using the trained Adaboost classification model; and judging whether the LDoS attack occurs in the unit time corresponding to the optimal feature data or not according to a judgment criterion. The detection method based on the MF-Ada algorithm provided by the invention has the advantages of relatively low falsealarm rate and missing report rate and self-adaptive parameter adjustment, and is an LDoS attack detection method with relatively good detection performance.

Description

technical field [0001] The invention belongs to the field of computer network security, and in particular relates to a slow denial of service (LDoS) attack detection method based on multi-flow characteristics and an Adaboost (MF-Ada) algorithm. Background technique [0002] Denial of service (DoS) attacks continuously send high-intensity attack traffic to the attack target, exhausting the resources of the attack target, so that normal users cannot receive effective services for a long time. Slow Denial of Service (LDoS) attack is a variant of DoS attack. Different from DoS attacks, LDoS attacks send high-intensity pulses to the attack target in a periodic manner, so that the network is continuously congested, so as to achieve the same attack effect as DoS attacks. Therefore, compared with traditional DoS attacks, LDoS attacks can achieve the same or even greater damage to the attack target at a lower attack cost. [0003] So far, although many people have proposed many met...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1425H04L63/1458
Inventor 施玮唐柳汤澹满坚平王曦茵张冬朔郑芷青王思苑
Owner HUNAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap