
Detecting DDoS attacks using conditional entropy


Abstract

Distributed denial of service (DDoS) attacks are one of the major threats to the current Internet. After analyzing the characteristics of DDoS attacks and the existing approaches to detecting them, this paper proposes a novel detection method based on conditional entropy. First, a group of statistical features based on conditional entropy, named Traffic Feature Conditional Entropy (TFCE), is defined to depict the basic characteristics of DDoS attacks, such as high traffic volume and multiple-to-one relationships. Then, a trained support vector machine (SVM) classifier is applied to identify the DDoS attacks. We evaluate our approach on the MIT Data Set. The results show that the proposed method not only distinguishes attack traffic from normal traffic accurately, but is also more robust to disturbance from background traffic than its counterparts.
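To make the many-to-one idea concrete, the following added example (not code from the paper) computes conditional entropy over windows of packets. The abstract does not give the TFCE feature definitions, so the feature pair used here (source IP conditioned on destination IP, and the reverse) and the constructed sample windows are assumptions; the SVM stage is not reproduced.

```python
import math
from collections import Counter

def conditional_entropy(pairs):
    """Return H(X | Y) in bits for a sequence of (x, y) observations."""
    pairs = list(pairs)
    n = len(pairs)
    if n == 0:
        return 0.0
    joint = Counter(pairs)
    marginal_y = Counter(y for _, y in pairs)
    # H(X|Y) = sum over (x, y) of p(x, y) * log2(p(y) / p(x, y))
    return sum((c / n) * math.log2(marginal_y[y] / c)
               for (_, y), c in joint.items())

def window_features(packets):
    """Features for one window of (src_ip, dst_ip) packets (assumed feature pair)."""
    return {
        "packets": len(packets),
        # High when many distinct sources converge on the same destination.
        "H_src_given_dst": conditional_entropy(packets),
        # High when one source fans out to many destinations (e.g. scanning).
        "H_dst_given_src": conditional_entropy((d, s) for s, d in packets),
    }

# Constructed sample windows (documentation address ranges, not real traffic).
# NORMAL: four clients, each sending two packets to its own server.
NORMAL = [(f"198.51.100.{i}", f"192.0.2.{i}") for i in range(1, 5)] * 2
# ATTACK: eight distinct sources, one packet each, all to a single victim.
ATTACK = [(f"203.0.113.{i}", "192.0.2.80") for i in range(1, 9)]
# MIXED: the attack window diluted by the normal background traffic.
MIXED = NORMAL + ATTACK

if __name__ == "__main__":
    for name, window in (("normal", NORMAL), ("attack", ATTACK), ("mixed", MIXED)):
        print(name, window_features(window))
```

In the constructed data the attack window still stands out after background traffic is mixed in, and feature vectors of this kind are what a trained classifier such as the SVM would consume.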
