基于简单统计特征的LDoS攻击检测方法  被引量：8

作　　者：段雪源 付钰[1] 王坤 李彬[1] DUAN Xueyuan;FU Yu;WANG Kun;LI Bin(Department of Information Security,Naval University of Engineering,Wuhan 430033,China;College of Computer and Information Technology,Xinyang Normal University,Xinyang 464000,China;Henan Key Laboratory of Analysis and Applications of Education Big Data,Xinyang Normal University,Xinyang 464000,China;School of Mathematics and Information Engineering,Xinyang Vocational and Technical College,Xinyang 464000,China)

机构地区：[1]海军工程大学信息安全系,湖北武汉430033 [2]信阳师范学院计算机与信息技术学院,河南信阳464000 [3]信阳师范学院河南省教育大数据分析与应用重点实验室,河南信阳464000 [4]信阳职业技术学院数学与信息工程学院,河南信阳464000

出　　处：《通信学报》2022年第11期53-64,共12页Journal on Communications

基　　金：国家重点研发计划基金资助项目(No.2018YFB0804104)。

摘　　要：传统的低速率拒绝服务(LDoS)攻击检测方法存在特征提取复杂、计算开销大、实验背景单一和攻击场景过时等问题,难以满足现实网络环境对LDoS攻击检测的需求。通过研究LDoS攻击原理,分析LDoS攻击流量的特征,提出一种基于网络流简单统计特征的LDoS攻击检测方法。根据网络流量数据包的简单统计特征构造检测数据序列,利用深度学习技术学习输入样本的时间关联性特征,并根据重构序列与原输入序列的差异进行LDoS攻击判定。实验结果表明,所提方法能够有效地检测出流量中的LDoS攻击流量,且对异构网络流量具有较强的适应性。Traditional low-rate denial of service(LDoS)attack detection methods were complex in feature extraction,high in computational cost,single in experimental data background settings,and outdated in attack scenarios,so it was difficult to meet the demand for LDoS attack detection in a real network environment.By studying the principle of LDoS attack and analyzing the features of LDoS attack traffic,a detection method of LDoS attack based on simple statistical features of network traffic was proposed.By using the simple statistical features of network traffic packets,the detection data sequence was constructed,the time correlation features of input samples were extracted by deep learning technology,and the LDoS attack judgment was made according to the difference between the reconstructed sequence and the original input sequence.Experimental results show that the proposed method can effectively detect the LDoS attack traffic in traf-fic and has strong adaptability to heterogeneous network traffic.

关 键 词：统计特征 深度学习 低速率拒绝服务 攻击检测 

分 类 号：TP391[自动化与计算机技术—计算机应用技术]