计算机应用与软件2013,Vol.30Issue(6):307-311,5.DOI:10.3969/j.issn.1000-386x.2013.06.082
基于小波分析与信息熵的DDoS攻击检测算法
DDOS ATTACK DETECTION ALGORITHM BASED ON WAVELET ANALYSIS AND INFORMATION ENTROPY
王新生 1张锦平1
作者信息
- 1. 燕山大学信息科学与工程学院 河北秦皇岛066004
- 折叠
摘要
Abstract
Among the DDoS (Distributed Denial of Service) attack detection methods,the one based on self-similarity of network traffic is an abnormal detection method and is sensitive to the changes in network traffic and has higher detection rate but with higher false alarm rate as well.In this paper,we analyse the traditional self-similarity based method and the events of traffic anomaly may caused in the network,on that basis we propose an improved detection algorithm WAIE.The new algorithm uses wavelet analysis to calculate the Hurst index of network traffic and introduces the information entropy in information theory to measure the dispersion degree of source IP addresses.WAIE can adaptively set the thresholds to detect the occurrence of attacks according to the variations of Hurst index and entropy value in initial stage.Experiments are carried out using the dataset issued by Lincoln Laboratory of MIT and the dataset collected in laboratory environment,the results of experiments show that the algorithm can accurately detect the occurrence of attacks.关键词
DDoS攻击检测/小波分析/Hurst指数/熵值Key words
DDoS attack detection / Wavelet analysis / Hurst index / Entropy value分类
信息技术与安全科学引用本文复制引用
王新生,张锦平..基于小波分析与信息熵的DDoS攻击检测算法[J].计算机应用与软件,2013,30(6):307-311,5.
