DWT和AKD的DDoS攻击检测方法研究
作者:
作者单位:

贵州大学计算机科学与技术学院

中图分类号:

TP393

基金项目:

国家自然科学基金项目(面上项目,重点项目,重大项目)


Research on DDoS attack detection method with DWT and AKD Auto-encoder
Author:
Affiliation:

College of Computer Science and Technology, Guizhou University

Fund Project:

The National Natural Science Foundation of China (General Program, Key Program, Major Research Plan)

  • 摘要
  • | |
  • 访问统计
  • |
  • 参考文献
  • | |
  • 引证文献
  • | |
  • 文章评论
    摘要:

    针对DDoS(Distributed denial of service)网络流量攻击检测效率低及误报率高的问题,本文提出了一种基于离散小波变换(Discrete Wavelet Transform DWT)和自适应知识蒸馏(Adaptive Knowledge Distillation AKD)自编码器神经网络的DDoS攻击检测方法。该方法利用离散小波变换提取频率特征,由自动编码器神经网络进行特征编码并实现分类,通过自适应知识蒸馏压缩模型,以实现高效检测DDoS攻击流量。研究结果表明,该方法对代理服务器攻击、数据库漏洞和TCP洪水攻击、UDP洪水攻击具有较高的检测效率,并且具有较低的误报率。

    Abstract:

    For the problem of low efficiency and high false alarm rate of DDoS (Distributed denial of service) network traffic attack detection, this paper proposes a DDoS attack detection method based on Discrete Wavelet Transform DWT and Adaptive Knowledge Distillation AKD. Distillation AKD) self-encoder neural network based DDoS attack detection method. The method uses discrete wavelet transform to extract frequency features, the auto-encoder neural network to encode and classify the features, and the adaptive knowledge distillation to compress the model in order to achieve efficient detection of DDoS attack traffic. The research results show that the method has high detection efficiency for proxy server attacks, database vulnerabilities and TCP flood attacks, UDP flood attacks, and has a low false alarm rate.

    参考文献
    [1] 国家互联网应急中心. 我国DDoS攻击资源分析报告[R].北京:国家互联网应急中心. 2022.National Internet Emergency Response Center. China DDoS attack resources analysis report[R].Beijing: National Internet Emergency Response Center.2022.
    [2] Awan M J, Farooq U, Babar H M A, et al. Real-time DDoS attack detection system using big data approach[J]. Sustainability, 2021, 13(19): 10743.
    [3] Ahuja N, Singal G. DDoS attack detection & prevention in SDN using OpenFlow statistics[C]//2019 IEEE 9th International Conference on Advanced Computing (IACC). IEEE, 2019: 147-152.
    [4] Wang M, Lu Y, Qin J. A dynamic MLP-based DDoS attack detection method using feature selection and feedback[J]. Computers & Security, 2020, 88: 101645.
    [5] Doshi R, Apthorpe N, Feamster N. Machine learning ddos detection for consumer internet of things devices[C]//2018 IEEE Security and Privacy Workshops (SPW). IEEE, 2018: 29-35.
    [6] Odumuyiwa V, Alabi R. DDOS Detection on Internet of Things Using Unsupervised Algorithms[J]. Journal of Cyber Security and Mobility, 2021: 569–592.
    [7] Yang K, Zhang J, Xu Y, et al. Ddos attacks detection with autoencoder[C]//NOMS 2020-2020 IEEE/IFIP network operations and management symposium. IEEE, 2020: 1-9.
    [8] Huang C, Yi P, Zou F, et al. CCID: Cross-Correlation identity distinction method for detecting shrew DDoS[J]. Wireless Communications and Mobile Computing, 2019, 2019.
    [9] Agrawal N, Tapaswi S. Defense mechanisms against DDoS attacks in a cloud computing environment: State-of-the-art and research challenges[J]. IEEE Communications Surveys & Tutorials, 2019, 21(4): 3769-3795.
    [10] Zhou L, Guo H, Deng G. A fog computing based approach to DDoS mitigation in IIoT systems[J]. Computers & Security, 2019, 85: 51-62.
    [11] Agrawal N, Tapaswi S. Low rate cloud DDoS attack defense method based on power spectral density analysis[J]. Information Processing Letters, 2018, 138: 44-50.
    [12] Jose A S, Nair L R, Paul V. Towards Detecting Flooding DDOS Attacks Over Software Defined Networks Using Machine Learning Techniques[J]. REVISTA GEINTEC-GESTAO INOVACAO E TECNOLOGIAS, 2021, 11(4): 3837-3865.
    [13] Mishra A, Gupta N, Gupta B B. Defense mechanisms against DDoS attack based on entropy in SDN-cloud using POX controller[J]. Telecommunication systems, 2021, 77(1): 47-62.
    [14] Idhammad M, Afdel K, Belouch M. Semi-supervised machine learning approach for DDoS detection[J]. Applied Intelligence, 2018, 48(10): 3193-3208.
    [15] Liu Z, He Y, Wang W, et al. DDoS attack detection scheme based on entropy and PSO-BP neural network in SDN[J]. China Communications, 2019, 16(7): 144-155.
    [16] 周奕涛,张斌,刘自豪.基于多模态深度神经网络的应用层DDoS攻击检测模型[J].电子学报,2022,50(2):508-512.HOU Yitao, ZHANG Bin, LIU Zihao. Application Layer DDoS Detection Model Based on Multimodal Deep Learning Neural Network[J]. Acta Electronica Sinica,2022,50(2):508-512.
    [17] Li Y, Lu Y. LSTM-BA: DDoS detection approach combining LSTM and Bayes[C]//2019 Seventh International Conference on Advanced Cloud and Big Data (CBD). IEEE, 2019: 180-185.
    [18] 张安琳,张启坤,黄道颖,等.基于CNN与BiGRU融合神经网络的入侵检测模型[J].郑州大学学报:工学版,2022,43(3):37-43.HANG Anlin, ZHANG Qikun, HUANG Daoying, et al. Intrusion detection model based on CNN and BiGRU fusion neural network[J]. Journal of Zhengzhou University: Engineering Edition, 2022, 43(3): 37-43.
    [19] 赵志强,易秀双,李婕,等.基于GR-AD-KNN算法的IPv6网络DoS入侵检测技术研究[J].计算机科学,2021,48(S01):524-528.HAO Zhiqiang, YI Xiushuang, LI Jie, et al. Research on DoS intrusion detection technology for IPv6 networks based on GR-AD-KNN algorithm[J]. Computer Science, 2021,48(S01):524-528.
    [20] Wang Z, Li Z, He D, et al. A Lightweight Approach for Network Intrusion Detection in Industrial Cyber-Physical Systems Based on Knowledge Distillation and Deep Metric Learning[J]. Expert Systems with Applications, 2022: 117671.
    [21] Liu X, Ren J, He H, et al. Low-rate DDoS attacks detection method using data compression and behavior divergence measurement[J]. Computers & Security, 2021, 100: 102107.
    [22] Liu Z, Hu C, Shan C. Riemannian manifold on stream data: Fourier transform and entropy-based DDoS attacks detection method[J]. Computers & Security, 2021, 109: 102392.
    [23] Fouladi R F, Ermi? O, Anarim E. A DDoS attack detection and countermeasure scheme based on DWT and auto-encoder neural network for SDN[J]. Computer Networks, 2022, 214: 109140.
    [24] Bornmann L. How to analyse percentile impact data meaningfully in bibliometrics: The statistical analysis of distributions, percentile rank classes and top-cited papers[J]. arXiv preprint arXiv:1206.1741, 2012.
    [25] CANADIAN Institute For Cybersecurity. [EB/OL]. [2021-9-12].https://www.unb.ca/cic/datasets/ddos-2019.html.
    [26] STRATOSPHERE. Stratosphere Laboratory Datasets[EB/OL].[2021-10-13].https://www.tratosphereips.org/datasets-overview.
    相似文献
    引证文献
    网友评论
    网友评论
    分享到微博
    发 布
引用本文

王博,万良,刘明盛,孙菡迪. DWT和AKD的DDoS攻击检测方法研究[J].南京信息工程大学学报,,():

复制
分享
文章指标
  • 点击次数:
  • 下载次数:
  • HTML阅读次数:
  • 引用次数:
历史
  • 收稿日期:2022-09-19
  • 最后修改日期:2022-10-13
  • 录用日期:2022-11-09

地址:江苏省南京市宁六路219号    邮编:210044

联系电话:025-58731025    E-mail:nxdxb@nuist.edu.cn

南京信息工程大学学报 ® 2025 版权所有  技术支持:北京勤云科技发展有限公司