LDoS attack detection method based on EMDR-WE algorithm

An EMDR-WE and attack detection technology, applied in computing, computer components, pattern recognition in signals, etc., can solve problems such as low detection rate and unstable performance, and achieve high accuracy, low false alarm rate, and stability performance effect

Active Publication Date: 2022-02-18
HUNAN UNIV
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] Aiming at the shortcomings of low detection rate and unstable performance of the existing LDoS attack detection method, the present invention proposes an LDoS attack detection method based on the EMDR-WE algorithm

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • LDoS attack detection method based on EMDR-WE algorithm
  • LDoS attack detection method based on EMDR-WE algorithm
  • LDoS attack detection method based on EMDR-WE algorithm

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0018] The present invention will be further described below in conjunction with the accompanying drawings.

[0019] Such as Figure 4 Shown is the flowchart of the method of the present invention, the LDoS attack detection method mainly includes five steps: data sampling, data processing, feature extraction, comprehensive scoring and result evaluation.

[0020] 1. Data sampling. Set a sampling point at the same unit time to collect the TCP traffic on the bottleneck link in the network to form the original TCP traffic sequence.

[0021] 2. Data processing. Empirical mode decomposition of the TCP traffic sequence to obtain several components, and then through Granger causality test and correlation coefficient ranking to filter the components, filter the false components and noise, linearly add the remaining components to reconstruct the TCP traffic sequence, and obtain It sets the sliding window. The above process is constructed as the signal preprocessing model of the pres...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an LDoS attack detection method based on an EMDR-WE algorithm, and belongs to the field of computer network security. The method comprises the following steps: in view of the characteristic of high complexity of a TCP flow sequence under the LDoS attack, quantifying the TCP flow sequence complexity of an attack window and a normal window by combining four characteristic entropies, namely approximate entropy, sample entropy, fuzzy entropy and permutation entropy; constructing a preprocessing model for empirical mode decomposition and reconstruction of a TCP flow sequence, filtering noise components of the TCP flow sequence through the model, obtaining a sliding window sequence of TCP flow, and extracting four feature entropies of each window; giving a higher weight to the feature entropy with the large information contribution degree by using an entropy weight method to obtain a comprehensive score of the complexity of each TCP flow window. comparing with a threshold value obtained by logistic regression training, and judging that the window with the comprehensive score higher than the threshold value has the LDoS attack. According to the LDoS attack detection method based on the empirical mode decomposition, reconstruction and entropy weight method, the LDoS attack can be accurately detected, and the performance is stable.

Description

technical field [0001] The invention belongs to the field of computer network security, and in particular relates to an EMDR-WE algorithm-based LDoS attack detection method. Background technique [0002] Denial of Service (DoS) attack is a network attack that spreads all over the world. It maliciously invades network resources, so that legitimate users cannot get normal services. Low-rate Denial of Service (LDoS) attack, as a new variant of DoS attack, was discovered and attracted the attention of the network security community. Unlike traditional DoS attacks, which continuously launch high-intensity attack traffic to occupy the bandwidth, LDoS attacks intermittently generate high-speed attack traffic, and use the security loopholes in the network adaptive mechanism to reduce the quality of service of the victim network. By reasonably setting the period of the LDoS attack, a high-intensity pulse attack is launched every time the TCP sender retransmits a data packet, which w...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/40G06K9/00G06K9/62
CPCH04L63/1425H04L63/1458G06F2218/04G06F2218/08G06F18/214
Inventor 汤澹王小彩李欣萌刘泊儒姚苏庭郑思桥
Owner HUNAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap