微计算机信息
微計算機信息
미계산궤신식
CONTROL & AUTOMATION
2010年
6期
54-56
,共3页
IPv6网络安全%DDoS攻击检测%网络流量的自相似性%Hurst参数%Whittle ML
IPv6網絡安全%DDoS攻擊檢測%網絡流量的自相似性%Hurst參數%Whittle ML
IPv6망락안전%DDoS공격검측%망락류량적자상사성%Hurst삼수%Whittle ML
IPv6 network security%detection of DDoS attacks%network traffic self-similarity%Hurst parameter%Whittle ML
DDoS攻击是当今网络包括下一代网络IPv6中最严重的威胁之一,提出一种基于流量自相似的IPv6的实时检测方法.分别采用改进的WinPcap实现"流"数据的实时捕获和监测,和将Whittle ML方法首次应用于DDoS攻击检测.针对Hurst估值方法的选择和引入DDoS攻击流的网络进行对比仿真实验,结果表明:Hurst估值相对误差,Whittle ML方法比小波变换减少0.07%;检测到攻击的误差只有0.042%,准确性达99.6%;增强了DDoS攻击检测的成功率和敏感度.
DDoS攻擊是噹今網絡包括下一代網絡IPv6中最嚴重的威脅之一,提齣一種基于流量自相似的IPv6的實時檢測方法.分彆採用改進的WinPcap實現"流"數據的實時捕穫和鑑測,和將Whittle ML方法首次應用于DDoS攻擊檢測.針對Hurst估值方法的選擇和引入DDoS攻擊流的網絡進行對比倣真實驗,結果錶明:Hurst估值相對誤差,Whittle ML方法比小波變換減少0.07%;檢測到攻擊的誤差隻有0.042%,準確性達99.6%;增彊瞭DDoS攻擊檢測的成功率和敏感度.
DDoS공격시당금망락포괄하일대망락IPv6중최엄중적위협지일,제출일충기우류량자상사적IPv6적실시검측방법.분별채용개진적WinPcap실현"류"수거적실시포획화감측,화장Whittle ML방법수차응용우DDoS공격검측.침대Hurst고치방법적선택화인입DDoS공격류적망락진행대비방진실험,결과표명:Hurst고치상대오차,Whittle ML방법비소파변환감소0.07%;검측도공격적오차지유0.042%,준학성체99.6%;증강료DDoS공격검측적성공솔화민감도.
Even now DDoS attack is still the major threat in network, including IPv6. A real-time detection method based on traffic self-similarity is proposed. It uses the improved WinPcap for the realization of "flow" data real-time capturing and monitoring, and applies Whittle ML method firstly to DDoS attacks detection. Considering choosing of Hurst parameter estimation and introduction of DDoS attacks on network flow, we make compared simulation experiment. The results show that the Whittle ML is less 0.07% than the wavelet transform in the Hurst relative error, and the new method can detect attacks on the only error of 0.042%, up to 99.6% accuracy, can enhance DDoS attacks detection accuracy and sensitivity.
