LDDoS attack detection method based on wavelet decomposition and sliding windows

LDDoS attack detection method based on wavelet decomposition and sliding windows

导出

摘要 As a special type of distributed denial of service(DDoS) attacks, the low-rate DDoS(LDDoS) attacks have characteristics of low average rate and strong concealment, thus, it is hard to detect such attacks by traditional approaches. Through signal analysis, a new identification approach based on wavelet decomposition and sliding detecting window is proposed. Wavelet decomposition extracted from the traffic are used for multifractal analysis of traffic over different time scale. The sliding window from flow control technology is designed to identify the normal and abnormal traffic in real-time. Experiment results show that the proposed approach has advantages on detection accuracy and timeliness. As a special type of distributed denial of service(DDoS) attacks, the low-rate DDoS(LDDoS) attacks have characteristics of low average rate and strong concealment, thus, it is hard to detect such attacks by traditional approaches. Through signal analysis, a new identification approach based on wavelet decomposition and sliding detecting window is proposed. Wavelet decomposition extracted from the traffic are used for multifractal analysis of traffic over different time scale. The sliding window from flow control technology is designed to identify the normal and abnormal traffic in real-time. Experiment results show that the proposed approach has advantages on detection accuracy and timeliness.

作者 Liu Liang Feng Wenzhi Wu Zhijun Yue Meng

机构地区 School of Electronic Information and Automation

出处《The Journal of China Universities of Posts and Telecommunications》 EI CSCD 2020年第1期51-61,共11页 中国邮电高校学报（英文版）

基金 supported by the Joint Funds of National Natural Science Foundation of China and Civil Aviation Administration of China (U1933108) the National Science Foundation for Young Scientists of China (61601467) the Key Program of Natural Science Foundation of Tianjin (17JCZDJC30900) the Fundamental Research Funds for the Central Universities of China (3122019051).

关键词 low-rate distributed DENIAL of SERVICE ATTACKS WAVELET analysis SLIDING windows detection low-rate distributed denial of service attacks wavelet analysis sliding windows detection

分类号 TP393.08 [自动化与计算机技术—计算机应用技术]

引文网络
相关文献

参考文献4

1何炎祥,曹强,刘陶,韩奕,熊琦.一种基于小波特征提取的低速率DoS检测方法[J].软件学报,2009,20(4):930-941. 被引量：21
2张长旺,殷建平,蔡志平,刘新旺,林加润,朱明.抗DDoS攻击的主动队列管理算法[J].软件学报,2011,22(9):2182-2192. 被引量：4
3王建设,徐忠根.基于分形理论的网络流量异常检测技术[J].科学技术与工程,2018,18(14):48-53. 被引量：4
4吴志军,岳猛.基于卡尔曼滤波的LDDoS攻击检测方法[J].电子学报,2008,36(8):1590-1594. 被引量：15

二级参考文献51

1卢锡城,张明杰,朱培栋.自适应PI主动队列管理算法[J].软件学报,2005,16(5):903-910. 被引量：19
2纪其进,董永强.一种链路负载自适应的主动队列管理算法[J].软件学报,2006,17(5):1140-1148. 被引量：7
3杨吉文,顾诞英,张卫东.主动队列管理中PID控制器的解析设计方法[J].软件学报,2006,17(9):1989-1995. 被引量：6
4Kuzmanovic A, Knightly EW. Low-Rate TCP-targeted denial of service attacks--the shrew vs. the mice and elephants. In: Proc. of the ACM SIGCOMM 2003. New York: ACM Press, 2003. 75-86. http://byte.csc.lsu.edu/-durresi/7502/reading/p75-kuzmanovic. pdf. 被引量：1
5Sarat S, Terzis A. On the effect of router buffer sizes on low-rate denial of service attacks. In: Proc. of the 14th Int'l Conf. on Computer Communications and Networks (ICCCN 2005). New York: IEEE Press, 200S. 281-286. http://www.cs.jhu.edu/-sarat/ ICCCN05.pdf. 被引量：1
6Kwok YK, Tripathi R, Chen Y, Hwang K. HAWK: Halting anomalies with weighted choking to rescue well-behaved TCP sessions from shrew DDoS attacks. In: Proc. of the 3rd Int'l Conf. on Networking and Mobile Computing (ICCNMC 2005). New York: Springer-Verlag, 2005.423-432. http://gridsec.usc.edu/files/TR/HAWK-ICCNMC2005-CameraReady.pdf. 被引量：1
7Sun H, Lui JCS, Yau DKY. Defending against low-rate TCP attacks: Dynamic detection and protection. In: Proc. of the 12th IEEE Int'l Conf. on Network Protocols (ICNP 2004). New York: IEEE Press, 2004. 196-205. http://www.cse.cuhk.edu.hk/-cslui/ PUBLICATION/icnp_lowrate.pdf. 被引量：1
8Sun H, Lui JCS, Yau DKY. Distributed mechanism in detecting and defending against the low-rate TCP attack. Computer Networks, 2006,50(13):2312-2330. 被引量：1
9Chen Y, Hwang K. Collaborative detection and filtering of shrew DDoS attacks using spectral analysis. Journal of Parallel and Distributed Computing, 2006,66(9): 1137-1151. 被引量：1
10Guirguis M, Bestavros A, Matta I. Exploiting the transients of adaptation for RoQ attacks on Internet resources. In: Proc. of the 12th IEEE Int'l Conf. on Network Protocols (ICN-P 2004). New York: IEEE Press, 2004. 184-195. http://www.ieee-icnp.org/ 2004/papers/5-2.pdf. 被引量：1

共引文献34

1吴黎兵,徐翱,何炎祥,王超.针对RED的LDoS攻击模型[J].华中科技大学学报（自然科学版）,2010,38(9):50-54.
2吴志军,裴宝崧.基于小信号检测模型的LDoS攻击检测方法的研究[J].电子学报,2011,39(6):1456-1460. 被引量：9
3周刚,刘渊.低速率TCP拒绝服务攻击的小波检测方法[J].计算机工程与应用,2011,47(32):115-117. 被引量：1
4段谟意.一种新的Ad Hoc网络主动队列管理方法[J].微电子学与计算机,2012,29(12):108-111.
5冯永,姚龙海.DDoS攻击下Ad hoc网络队列管理算法研究与仿真[J].计算机应用研究,2012,29(12):4648-4650.
6李锦玲,汪斌强,张震.基于流量分析的App-DDoS攻击检测[J].计算机应用研究,2013,30(2):487-490. 被引量：7
7马建红,姬莉霞,文坤.Shrew攻击对拥塞控制协议的影响及仿真分析[J].河南科技大学学报（自然科学版）,2013,34(4):51-56. 被引量：2
8荣宏,王会梅,鲜明,施江勇.基于快速独立成分分析的RoQ攻击检测方法[J].电子与信息学报,2013,35(10):2307-2313. 被引量：10
9施江勇,鲜明,王会梅,刘建.基于随机Petri网模型的降质服务攻防效果评估[J].计算机科学,2014,41(7):58-61. 被引量：4
10吴志军,李光,岳猛.基于信号互相关的低速率拒绝服务攻击检测方法[J].电子学报,2014,42(9):1760-1766. 被引量：16

1赵若汀.气候变化影响下美国环境法的“结构性”变化[J].世界环境,2020,0(1):88-88.
2Qinghao Zhao,Haiyan Xu,Yongjian Wu.The decision-making of treatment and outcome in elderly Chinese patients with severe aortic stenosis[J].中国循环杂志,2018,33(S01):143-144.
3Dima Suleiman,Mariam Itriq,Aseel Al-Anani,Rola Al-Khalid,Amjad Hudaib.Enhancing ERS-A Algorithm for Pattern Matching (EERS-A)[J].Journal of Software Engineering and Applications,2015,8(3):143-153. 被引量：1
4ZHENG Yongcheng.Why don’t people believe thedangers of climate change?[J].校园英语,2020(6):255-256.
5Amjad Hudaib,Rola Al-Khalid,Aseel Al-Anani,Mariam Itriq,Dima Suleiman.Four Sliding Windows Pattern Matching Algorithm (FSW)[J].Journal of Software Engineering and Applications,2015,8(3):154-165. 被引量：1
6T.M.Alamelu Manghai,R.Jegadeeshwaran.Feature-Based Vibration Monitoring of a Hydraulic Brake System Using Machine Learning[J].Structural Durability & Health Monitoring,2017,11(2):149-167.
7宋贺,王晓锋.基于轻量级虚拟化的LDDoS仿真方法[J].计算机工程,2020,46(3):105-113. 被引量：5
8Yanjun WANG,Yunfei ZHANG,Shujun GAO,Clarence WDE SILVA.Robot Interaction Force Estimation Using an Adaptive Sliding Mode Observer[J].Instrumentation,2019,6(2):8-20. 被引量：1
9刘茹佳,陈颖,钟志鹏,焦杨.两种算法在非小细胞肺癌调强放疗中的剂量学比较[J].中国辐射卫生,2019,28(6):705-708. 被引量：7
10Jieren Cheng,Ruomeng Xu,Xiangyan Tang,Victor S.Sheng,Canting Cai.An Abnormal Network Flow Feature Sequence Prediction Approach for DDoS Attacks Detection in Big Data Environment[J].Computers, Materials & Continua,2018(4):95-119. 被引量：20

The Journal of China Universities of Posts and Telecommunications

2020年第1期

浏览历史

内容加载中请稍等...

LDDoS attack detection method based on wavelet decomposition and sliding windows

参考文献4

二级参考文献51

共引文献34

相关作者

相关机构

相关主题

浏览历史