基于人工蜂群算法的计算机网络DDoS攻击防御技术研究  

作　　者：徐鸣 XU Ming(Nanjing Branch of Sinopec Shared Service Co.,Ltd.,Nanjing 210018,China)

机构地区：[1]中国石化共享服务有限公司南京分公司,南京210018

出　　处：《计算机应用文摘》2025年第3期147-149,153,共4页

摘　　要：现代DDoS攻击往往采用混合攻击模式,攻击者会同时结合多种攻击类型。而不同类型的攻击流量具有不同特征,当它们混合在一起时,会干扰防御系统对攻击特征的准确识别,导致DDoS攻击防御性能下降。在此背景下,文章研究了基于人工蜂群算法的计算机网络DDoS攻击防御技术。首先,构建计算机网络DDoS攻击特征提取模型,对特征进行提取。然后,根据提取到的DDoS攻击数据特征,应用人工蜂群算法对攻击行为进行辨识。最后,针对辨识出的攻击行为进行防御。在防御过程中,采用TSD防御策略对网络端口进行封禁,并对报文进行过滤,仅保留非攻击报文来完成攻击防御。实验结果表明,实验组的振幅在0~1 kbps范围内,网络流量受到的攻击程度最低;在防御机制启动后,成功封禁了攻击端口,报文速率降到了100 pps,如预期回归正常水平,能够减少产生的额外报文,从而完成更好的攻击防御。Modern DDoS attacks often adopt a mixed attack mode.Attackers combine multiple attack types at the same time,and different types of attack traffic have different characteristics.When they are mixed together,the defense system can interfere with the accurate identification of attack characteristics,and the defense performance of DDoS attacks deteriorates.Based on this,this paper studies the technology of computer network DDoS attack defense based on artificial bee colony algorithm.Firstly,the feature extraction model of computer network DDoS attack is constructed to extract the features.Then,according to the characteristics of the extracted DDoS attack data,the artificial swarm algorithm is applied to identify the attack behavior.Finally,defense against the identified aggressive behavior.In the defense process,the TSD defense policy blocks network ports and filters packets to retain only non-attack packets.The experimental results show that the amplitude of the experimental group is in the range of 0~1 kbps,and the network traffic is attacked least.After the defense mechanism is enabled,the attack port is blocked and the packet rate is reduced to 100 pps.If the defense mechanism returns to the normal level,the extra packets generated can be reduced and the attack defense is better.

关 键 词：人工蜂群算法 计算机 网络 DDOS 防御 

分 类 号：TP393[自动化与计算机技术—计算机应用技术]