Approach of detecting low-rate DoS attack based on combined features
LDoS (low-rate denial of service) attack is a kind of RoQ (reduction of quality) attack which has the characteristics of low average rate and strong concealment.These characteristics pose great threats to the security of cloud computing platform and big data center.Based on network traffic analysis,...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2017-05-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2017075/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841539495508312064 |
|---|---|
| author | Zhi-jun WU Jing-an ZHANG Meng YUE Cai-feng ZHANG |
| author_facet | Zhi-jun WU Jing-an ZHANG Meng YUE Cai-feng ZHANG |
| author_sort | Zhi-jun WU |
| collection | DOAJ |
| description | LDoS (low-rate denial of service) attack is a kind of RoQ (reduction of quality) attack which has the characteristics of low average rate and strong concealment.These characteristics pose great threats to the security of cloud computing platform and big data center.Based on network traffic analysis,three intrinsic characteristics of LDoS attack flow were extracted to be a set of input to BP neural network,which is a classifier for LDoS attack detection.Hence,an approach of detecting LDoS attacks was proposed based on novel combined feature value.The proposed approach can speedily and accurately model the LDoS attack flows by the efficient self-organizing learning process of BP neural network,in which a proper decision-making indicator is set to detect LDoS attack in accuracy at the end of output.The proposed detection approach was tested in NS2 platform and verified in test-bed network environment by using the Linux TCP-kernel source code,which is a widely accepted LDoS attack generation tool.The detection probability derived from hypothesis testing is 96.68%.Compared with available researches,analysis results show that the performance of combined features detection is better than that of single feature,and has high computational efficiency. |
| format | Article |
| id | doaj-art-3d1aace46bc14739b8ffc8c51624b23d |
| institution | Kabale University |
| issn | 1000-436X |
| language | zho |
| publishDate | 2017-05-01 |
| publisher | Editorial Department of Journal on Communications |
| record_format | Article |
| series | Tongxin xuebao |
| spelling | doaj-art-3d1aace46bc14739b8ffc8c51624b23d2025-01-14T07:12:19ZzhoEditorial Department of Journal on CommunicationsTongxin xuebao1000-436X2017-05-0138193059710047Approach of detecting low-rate DoS attack based on combined featuresZhi-jun WUJing-an ZHANGMeng YUECai-feng ZHANGLDoS (low-rate denial of service) attack is a kind of RoQ (reduction of quality) attack which has the characteristics of low average rate and strong concealment.These characteristics pose great threats to the security of cloud computing platform and big data center.Based on network traffic analysis,three intrinsic characteristics of LDoS attack flow were extracted to be a set of input to BP neural network,which is a classifier for LDoS attack detection.Hence,an approach of detecting LDoS attacks was proposed based on novel combined feature value.The proposed approach can speedily and accurately model the LDoS attack flows by the efficient self-organizing learning process of BP neural network,in which a proper decision-making indicator is set to detect LDoS attack in accuracy at the end of output.The proposed detection approach was tested in NS2 platform and verified in test-bed network environment by using the Linux TCP-kernel source code,which is a widely accepted LDoS attack generation tool.The detection probability derived from hypothesis testing is 96.68%.Compared with available researches,analysis results show that the performance of combined features detection is better than that of single feature,and has high computational efficiency.http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2017075/low-rate denial of service attackunited featuresBP neural networkanomaly detection |
| spellingShingle | Zhi-jun WU Jing-an ZHANG Meng YUE Cai-feng ZHANG Approach of detecting low-rate DoS attack based on combined features Tongxin xuebao low-rate denial of service attack united features BP neural network anomaly detection |
| title | Approach of detecting low-rate DoS attack based on combined features |
| title_full | Approach of detecting low-rate DoS attack based on combined features |
| title_fullStr | Approach of detecting low-rate DoS attack based on combined features |
| title_full_unstemmed | Approach of detecting low-rate DoS attack based on combined features |
| title_short | Approach of detecting low-rate DoS attack based on combined features |
| title_sort | approach of detecting low rate dos attack based on combined features |
| topic | low-rate denial of service attack united features BP neural network anomaly detection |
| url | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2017075/ |
| work_keys_str_mv | AT zhijunwu approachofdetectinglowratedosattackbasedoncombinedfeatures AT jinganzhang approachofdetectinglowratedosattackbasedoncombinedfeatures AT mengyue approachofdetectinglowratedosattackbasedoncombinedfeatures AT caifengzhang approachofdetectinglowratedosattackbasedoncombinedfeatures |