Low-rate denial-of-service attack detection method under software defined network environment

Cited by: 5


Authors: LIU Xiangju[1]; LU Xiaobao; FANG Xianjin[1]; SHANG Linsong (School of Computer Science and Engineering, Anhui University of Science and Technology, Huainan, Anhui 232001, China)

Affiliation: [1] School of Computer Science and Engineering, Anhui University of Science and Technology, Huainan, Anhui 232001, China

Source: Journal of Computer Applications, 2022, No. 4, pp. 1301-1307 (7 pages)

Funding: National Natural Science Foundation of China (61572034); Anhui Province Major Science and Technology Project (18030901025).

Abstract: The Low-rate Denial of Service (LDoS) attack is an improved form of the Denial of Service (DoS) attack, and it is difficult to detect because of its low average attack rate and strong concealment. To address this difficulty, an LDoS attack detection method based on the Weighted Mean-Shift K-Means algorithm (WMS-Kmeans) under the Software-Defined Network (SDN) architecture was proposed. Firstly, by obtaining the flow table information of the OpenFlow switch, the six-tuple features of LDoS attack traffic in the SDN environment were analyzed and extracted. Then, the mean absolute percentage error was used as the weight of the Euclidean distance in mean-shift clustering, and the resulting cluster centers were used as the initial centers of K-Means to cluster the flow table entries, thereby detecting LDoS attacks. The experimental results show that the proposed method has good detection performance against LDoS attacks in the SDN environment, with an average detection rate of 99.29%, an average false alarm rate of 1.97% and an average missing alarm rate of 0.69%.

Keywords: software-defined network; low-rate denial-of-service attack; weighted mean-shift K-means algorithm; attack detection

Classification number: TP393.08 [Automation and Computer Technology - Computer Application Technology]

 
