To solve the problem of low detection rate and long detection time of the existing DoS attack detection algorithm, a DoS attack detection algorithm was proposed based on higher-order statistics. The network traffic data packets were segmented and quantified in the algorithm. Followed, the characteristics of the accumulation was extracted which was applied to the detection of DoS attacks. By analyzing the 1998 DARPA intrusion detection data set, the algorithm can effectively detect DoS attacks. Compared with the traditional anomaly detection method entropy based on network traffic, the detection accuracy is greatly improved. In the time window of 1 s, the detection rate increases by 8%.%针对现有DoS攻击检测算法中检测率较低,检测时间较长的问题,提出一种基于高阶统计量的DoS攻击检测算法.算法分割并量化网络流量数据包,提取累积量特征,将累积量应用到DoS攻击检测中.通过分析1998 DARPA入侵检测数据集,该算法能够有效检测DoS攻击.相对于传统基于网络流量熵值的异常检测法,该算法在检测精度上有较大提高,在1s的时间窗口内,检测率提高了8%.
展开▼
