电子学报2011,Vol.39Issue(6):1456-1460,5.
基于小信号检测模型的LDoS攻击检测方法的研究
The Detection of LDoS Attack Based on the Model of Small Signal
摘要
Abstract
Low-rate denial of service(LDoS)is a new class of DoS attack, which exploits the deficiencies of the minimum RTO of TCP to send out attack packets about 10%-20% of normal trafic in short periodic pulses to a victim. It is hard to be detected through traditional detection mechanism. In this paper, an approach of detecting LDoS sttack based on the model of small signal is proposed. The proposed approach takes statistics on the packets arriving in 30 seconds (sampling time is 10ms,total of 3000 sampling points),and compares the statistical result with the characteristic judging value,which is settled as a threshold to indicate the difference between normal and attack flow. An eigenvalue-estimating matrix is established to estimate the attack period after LDoS attack being detected. Sirmulation results in NS-2 environment show that the proposed approach can detect the LDoS attack effectively.关键词
低速率拒绝服务攻击/小信号/检测/漏值多点数字平均Key words
low-rate denial of service (LDoS) /small signal/detection/ multiple sampling averaging based on missing sam-pling (MSABMS)分类
信息技术与安全科学引用本文复制引用
吴志军,裴宝崧..基于小信号检测模型的LDoS攻击检测方法的研究[J].电子学报,2011,39(6):1456-1460,5.基金项目
国家自然科学基金委员会与中国民用航空总局联合资助(No.60776808) (No.60776808)
天津市应用基础及前沿技术研究计划(No.09JCYBJC00400) (No.09JCYBJC00400)
2010年度中央高校基本科研业务费中国民航大学专项(No.ZXH2010B004) (No.ZXH2010B004)
