电子科技大学学报
電子科技大學學報
전자과기대학학보
JOURNAL OF UNIVERSITY OF ELECTRONIC SCIENCE AND TECHNOLOGY OF CHINA
2014年
1期
76-81
,共6页
张凤荔%王丹%赵永亮%冯波%王勇
張鳳荔%王丹%趙永亮%馮波%王勇
장봉려%왕단%조영량%풍파%왕용
拒绝服务攻击%拒绝服务攻击检测%TCM-KNN算法
拒絕服務攻擊%拒絕服務攻擊檢測%TCM-KNN算法
거절복무공격%거절복무공격검측%TCM-KNN산법
DoS attack%DoS detection%improved transductive confidence machines for K-nearest neighbors
由于实现方式简单、攻击形式多样、威胁范围广、不易防御和区分,拒绝服务(DoS)攻击已经成为网络的最主要安全威胁之一。该文提出了一种ITCM-KNN算法,在此基础上建立了DoS检测框架。使用标准数据集KDD Cup 1999进行算法验证和分析实验。采用基于信息增益算法选择了5个特征,在保证高检测效果的同时减少了特征的维数。该算法不需要对攻击进行学习和建模,使用少量的正常样本作为训练集,提高了检测性能。实验结果表明,改进的TCM-KNN算法检测率高于SVM等算法,达到99.99%。
由于實現方式簡單、攻擊形式多樣、威脅範圍廣、不易防禦和區分,拒絕服務(DoS)攻擊已經成為網絡的最主要安全威脅之一。該文提齣瞭一種ITCM-KNN算法,在此基礎上建立瞭DoS檢測框架。使用標準數據集KDD Cup 1999進行算法驗證和分析實驗。採用基于信息增益算法選擇瞭5箇特徵,在保證高檢測效果的同時減少瞭特徵的維數。該算法不需要對攻擊進行學習和建模,使用少量的正常樣本作為訓練集,提高瞭檢測性能。實驗結果錶明,改進的TCM-KNN算法檢測率高于SVM等算法,達到99.99%。
유우실현방식간단、공격형식다양、위협범위엄、불역방어화구분,거절복무(DoS)공격이경성위망락적최주요안전위협지일。해문제출료일충ITCM-KNN산법,재차기출상건립료DoS검측광가。사용표준수거집KDD Cup 1999진행산법험증화분석실험。채용기우신식증익산법선택료5개특정,재보증고검측효과적동시감소료특정적유수。해산법불수요대공격진행학습화건모,사용소량적정상양본작위훈련집,제고료검측성능。실험결과표명,개진적TCM-KNN산법검측솔고우SVM등산법,체도99.99%。
Because of the simplicity of the implementation, various attacking forms, destructivity, and difficulty of filtering out, DoS has become one of the most serious security threats to the Internet. In this paper, we propose an improved transductive confidence machines for k-nearest neighbors (ITCM-KNN) algorithm and establish a framework for DoS detection. Evaluation and experiments of the algorithm are based on the standard dataset KDD Cup 1999 with 5 selected features using the information gain algorithm, which can ensure high detection rate while reducing the dimension of the features. The proposed algorithm does not need learning and modeling attacks. It only needs a small number of samples as training data set. The comparison results show that the true positive rate (TP) of the improved TCM-KNN algorithm is about 99.99%, which is higher than other detection algorithm such as SVM.