J4 ›› 2008, Vol. 30 ›› Issue (12): 23-26.
Liu Yun (刘运), Yin Jianping (殷建平), Cheng Jieren (程杰仁), Cai Zhiping (蔡志平)
Abstract:
Distributed Denial-of-Service (DDoS) attacks are a critical threat to the Internet. This paper analyses the essential characteristics of DDoS attacks and presents a novel detection scheme that combines traffic volume with traffic feature distribution entropy. Furthermore, we improve the k-means clustering algorithm to suit the problem and use it to establish the attack detection model. Finally, we test our detection model on the LLDOS1.0 dataset. The experimental results indicate that the model leads to an improved accuracy of attack detection, validating the effectiveness of the detection scheme.
Key words: DDoS attack, traffic feature distribution entropy, k-means clustering algorithm
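The detection idea summarized in the abstract, as an added example that is not code from the paper: each time window is reduced to a traffic volume and a feature distribution entropy, and the windows are then clustered. It uses standard Lloyd k-means with k=2, not the paper's improved variant, which this page does not describe. The choice of source address as the traffic feature, the treatment of the minority cluster as the attack, and the sample windows are all assumptions made for illustration.

```python
import math
from collections import Counter

def entropy(values):
    """Shannon entropy (bits) of the empirical distribution of `values`."""
    n = len(values)
    return -sum(c / n * math.log2(c / n) for c in Counter(values).values())

def features(window):
    """One window of packets -> (traffic volume, source-address entropy)."""
    return (float(len(window)), entropy(window))

def scale(points):
    """Min-max scale each dimension so volume does not dominate the distance."""
    cols = list(zip(*points))
    lo = [min(c) for c in cols]
    span = [(max(c) - min(c)) or 1.0 for c in cols]
    return [tuple((v - l) / s for v, l, s in zip(p, lo, span)) for p in points]

def kmeans2(points, iters=20):
    """Standard Lloyd k-means, k=2, seeded at the lowest/highest-volume points."""
    cents = [min(points), max(points)]
    labels = []
    for _ in range(iters):
        labels = [min((0, 1), key=lambda k: math.dist(p, cents[k])) for p in points]
        for k in (0, 1):
            members = [p for p, l in zip(points, labels) if l == k]
            if members:
                cents[k] = tuple(sum(c) / len(members) for c in zip(*members))
    return labels

def detect(windows):
    """Return indices of windows in the minority cluster (assumed to be attack)."""
    labels = kmeans2(scale([features(w) for w in windows]))
    minority = min((0, 1), key=labels.count)
    return [i for i, l in enumerate(labels) if l == minority]

def sample_windows():
    """Constructed data: 6 normal windows (few clients), 2 flood windows
    (many distinct source addresses, documentation address range)."""
    normal = [[f"10.0.0.{(i + j) % 5}" for j in range(40 + 3 * i)] for i in range(6)]
    flood = [[f"198.51.100.{j % 250}" for j in range(900 + 50 * i)] for i in range(2)]
    return normal[:3] + flood + normal[3:]

if __name__ == "__main__":
    print(detect(sample_windows()))
```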
Liu Yun, Yin Jianping, Cheng Jieren, Cai Zhiping. Distributed Denial-of-Service Attack Detection Based on an Improved k-Means Algorithm [J]. J4, 2008, 30(12): 23-26.
Link to this article: http://joces.nudt.edu.cn/CN/
http://joces.nudt.edu.cn/CN/Y2008/V30/I12/23