###
Journal of Software:2020.31(5):1549-1562

基于小波能谱熵和隐半马尔可夫模型的LDoS攻击检测
吴志军,李红军,刘亮,张景安,岳猛,雷缙
(中国民航大学 电子信息与自动化学院, 天津 300300)
Detection of LDoS Attacks Based on Wavelet Energy Entropy and Hidden Semi-Markov Models
WU Zhi-Jun,LI Hong-JUN,LIU Liang,ZHANG Jing-An,YUE Meng,LEI Jin
(College of Electronic Information and Automation, Civil Aviation University of China, Tianjin 300300, China)
Abstract
Chart / table
Reference
Similar Articles
Article :Browse 180   Download 46
Received:January 26, 2018    Revised:May 17, 2018
> 中文摘要: 低速率拒绝服务(low-rate denial of service,简称LDoS)攻击采用周期性发送短脉冲数据包的方式攻击云计算平台和大数据中心,导致连接用户的路由器丢包和数据链路传输性能下降.LDoS攻击流量平均速率很低,具有极强的隐蔽性,很难被检测到.在分析LDoS攻击流量的基础上,通过小波变换得到网络流量的小波能谱熵,并以此作为隐半马尔可夫模型(HSMM)的输入,设计采用HSMM网络模型的LDoS攻击判决分类器,提出了基于小波能谱熵和隐半马尔可夫模型的LDoS攻击检测方法.该检测方法在NS-2和Test-bed环境中分别进行了测试.实验结果表明,该方法具有较好的检测性能,通过假设检验得出检测率为96.81%.
Abstract:Low-rate denial of service (LDoS) attack can cause the packets loss of the legitimate users and reduce the transmission performance of the transport system by sending short bursts of packets periodically. The LDoS attack flows always mix with the legitimate traffic, hence, it is hard to be detected. This study designs an LDoS attack classifier based on network model, which uses hidden semi-Markov model (HSMM), and deploys a decision indicator to detect LDoS attacks. In this method, wavelet transform is exploited to compute the network traffic’s wavelet energy spectrum entropy, which is used as the input of the HSMM. The proposed detection method has been evaluated in NS-2 and Test-bed, and experimental results show that it achieves a better performance with detection rate of 96.81%.
文章编号:     中图分类号:TP309    文献标志码:
基金项目:国家自然科学基金委员会与中国民航局联合基金(U1933108);天津市教委科研项目(2019KJ117) 国家自然科学基金委员会与中国民航局联合基金(U1933108);天津市教委科研项目(2019KJ117)
Foundation items:Joint Foundation of National Natural Science Foundation of China and Civil Aviation Adminstration of China (U1933108); Scienti?c Research Project of Tianjin Municipal Education Commission (2019KJ117)
Reference text:

吴志军,李红军,刘亮,张景安,岳猛,雷缙.基于小波能谱熵和隐半马尔可夫模型的LDoS攻击检测.软件学报,2020,31(5):1549-1562

WU Zhi-Jun,LI Hong-JUN,LIU Liang,ZHANG Jing-An,YUE Meng,LEI Jin.Detection of LDoS Attacks Based on Wavelet Energy Entropy and Hidden Semi-Markov Models.Journal of Software,2020,31(5):1549-1562