计算机工程与应用2012,Vol.48Issue(31):82-88,7.DOI:10.3778/j.issn.1002-8331.2012.31.019
一种基于小波分析的DDoS攻击检测方法
Detecting method for DDoS attack based on wavelet analysis
摘要
Abstract
On the basis of analyzing the fractal property of network traffic and the features of Distributed Denial of Service (DDoS) attacks, a method of DDoS attack detection based on wavelet analysis is presented, and the attack detection model is designed. It judges the fractal features of network traffic, then adopts a method of variance of Hurst exponent based on wavelet analysis detect attack when it is self-similar or a method of Holder exponent based on multi-window wavelet analysis detect attack when it is multi-fractal. On the DARPA/Lincoln laboratory intrusion detection evaluation data set 2000, the experimental results show that this method is effective, and detection rate is high on the big background traffic DDoS attack, low-rate DDoS attack, and reflection DDoS attack, which is better than the traditional method.关键词
分布式拒绝服务/自相似性/多重分形/Hurst参数/Holder指数/多窗口小波分析Key words
Distributed Denial of Service (DDoS)/ self-similar/ multi-fractal/ Hurst parameter/ Holder exponent/multi-window wavelet analysis分类
信息技术与安全科学引用本文复制引用
任义龙,刘渊..一种基于小波分析的DDoS攻击检测方法[J].计算机工程与应用,2012,48(31):82-88,7.基金项目
国家自然科学基金(No.60875036). (No.60875036)
