西安电子科技大学学报

• 研究论文 • 上一篇    下一篇

采用符号动力学方法检测低速率拒绝服务攻击

杨宝旺   

  1. (宁波大学 科学技术学院,浙江 宁波 315212)
  • 收稿日期:2017-05-15 出版日期:2018-02-20 发布日期:2018-03-23
  • 作者简介:杨宝旺(1983-),男,硕士,E-mail: yangbaowang@nbu.edu.cn
  • 基金资助:

    国家自然科学基金资助项目(61573235)

Low-rate-denial-of-service attack detection by symbolic dynamics method

YANG Baowang   

  1. (College of Science & Technology, Ningbo Univ., Ningbo 315212, China)
  • Received:2017-05-15 Online:2018-02-20 Published:2018-03-23

摘要:

针对低速率拒绝服务攻击引起的网络安全问题,提出采用符号动力学方法对其进行检测通过将采样得到的数据包数量信号转化为对应的符号序列,并计算符号序列的熵值,发现低速率拒绝服务攻击具有令数据包数量信号信息复杂度激增的特点,从而能够结合预先设定的熵阈值进行比较识别.分别在仿真环境和实际测试服务器上进行了算法验证,实验结果表明,文中所提算法对低速率拒绝服务攻击辨识平均准确度超过92%.

关键词: 低速拒绝服务攻击, 符号动力学, 熵, 信息复杂度, 阈值, 网络安全

Abstract:

In terms of the network security problem caused by Low-rate-Denial-of-Service attack, this paper proposes a symbolic dynamics method to detect such attacks. The number of packets sampled signals is transferred into the symbol sequence and the calculate the entropy corresponding to the symbol sequence. There is a significant increase in packets number signal information complexity caused by Low-rate-Denial-of-Service attack arrival, which can be compared with a default entropy threshold for recognition. We verify the algorithm in the simulation environment and the actual test servers respectively and the experimental results show that the proposed algorithm has an average accuracy of 92% to achieve the Low-rate-Denial-of-Service attack recognition.

Key words: low-rate-denial-of-service attack, symbolic dynamics, entropy, information complexity, threshold, network security