软件定义网络中基于贝叶斯ARTMAP的DDoS攻击检测模型  被引量:11

DDoS attack detection model based on Bayesian ARTMAP in software-defined networks

在线阅读下载全文

作  者:刘振鹏[1] 张庆文 李泽园 刘嘉航 董姝慧 赵永刚 LIU Zhenpeng;ZHANG Qingwen;LI Zeyuan;LIU Jiahang;DONG Shuhui;ZHAO Yonggang(School of Electronic Information Engineering,Hebei University,Baoding 071002,China;School of Management Engineering and Business,Hebei University of Engineering,Handan 056038,China)

机构地区:[1]河北大学电子信息工程学院,河北保定071002 [2]河北工程大学管理工程与商学院,河北邯郸056038

出  处:《河北大学学报(自然科学版)》2021年第6期728-733,共6页Journal of Hebei University(Natural Science Edition)

基  金:河北省自然科学基金资助项目(F2019201427);教育部“云数融合科教创新”基金资助项目(2017A20004)。

摘  要:为解决SDN(software defined network,软件定义网络)架构下DDoS(distributed denial of service,分布式拒绝服务)攻击检测问题,提出基于贝叶斯ARTMAP的DDoS攻击检测模型.流量统计模块主要收集捕获到的流表信息,特征提取模块提取流表中的关键信息并获取关键特征,分类检测模块通过贝叶斯ARTMAP提取分类规则,并通过粒子群算法对参数进行优化,对新的数据集进行分类检测.仿真实验证明了模型所提取的5元特征的有效性,并且该模型与3种传统的DDoS攻击检测模型相比检测成功率提高了0.96%~3.71%,误警率降低了0.67%~2.92%.In order to solve the problem of distributed denial of service(DDoS)attack detection under software defined network(SDN)architecture,a DDoS attack detection model based on Bayesian ARTMAP is proposed:the traffic statistics module mainly collects the captured flow table information,and then sends it to the feature extraction module.The feature extraction module extracts the key information in the flow table and provides the key features according to the set method,and these features are finally sent to the classification detection module.Classification detection module extracts classification rules by Bayesian ARTMAP,and optimizes parameters by particle swarm optimization to classify new data sets.Experiments show that the 5 yuan features extracted by the model are effective,and the detection success rate of the model is increased by 0.96%-3.71%,and the false alarm rate is reduced by 0.67%-2.92%compared with the three DDoS attack detection models based on C4.5 decision tree,feature pattern graph model and K-means algorithm model.

关 键 词:软件定义网络 DDOS攻击 贝叶斯ARTMAP 特征提取 检测模型 

分 类 号:TP309[自动化与计算机技术—计算机系统结构]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象