LDoS attack detection method based on the CUSUM algorithm  Cited by: 10

Detecting low-rate DoS attacks based on cumulative sum algorithm


Authors: GOU Feng (苟峰); YU Liang (余谅)[1]; SHENG Zhong-Song (盛钟松) (College of Computer Science, Sichuan University, Chengdu 610065, China)

Affiliation: [1] College of Computer Science, Sichuan University, Chengdu 610065

Source: Journal of Sichuan University (Natural Science Edition), 2020, No. 3, pp. 476-482 (7 pages)

Funding: National Natural Science Foundation of China (61872255).

Abstract: Low-rate Denial of Service (LDoS) attacks have a low traffic sending rate, strong concealment and burstiness, and cause great harm; blended into normal traffic, they are difficult for traditional DoS detection mechanisms to detect. Targeting the bursty nature of this attack, the paper analyzes the statistical anomalies in traffic characteristics when a router is under LDoS attack, compares the mean of the router's ingress traffic with a normal threshold, and proposes a detection method based on the cumulative sum (CUSUM) algorithm. The method is based on change-point hypothesis testing: it analyzes the cumulative-sum characteristics of the arriving traffic before and after the change point, and detects LDoS attacks by comparing the resulting cumulative sum with a set threshold. The experiments optimize detection performance by adjusting the algorithm parameters, and a simulation platform built on NS-2 shows that the method has good detection performance.

Keywords: low-rate denial of service; CUSUM; attack detection

Classification: TP393 [Automation and Computer Technology: Computer Application Technology]
