CAJ | 학술논문

　　为了动态、准确、高效地描述用户的访问行为，实现对不同应用层分布式拒绝服务(Application-layer Distributed Denial of Service, App-DDoS)攻击行为的透明检测，该文提出基于最大频繁序列模式挖掘的ADA_MFSP(App-DDoS Detection Algorithm based on Maximal Frequent Sequential Pattern mining)检测模型。该模型在对正常Web访问序列数据库(Web Access Sequence Database, WASD)及待检测WASD进行最大频繁序列模式挖掘的基础上，引入序列比对平均异常度，联合浏览时间平均异常度、请求循环平均异常度等有效检测属性，最终实现攻击行为的异常检测。实验证明：ADA_MFSP模型不仅能有效检测各类App-DDoS攻击，且有良好的检测灵敏度。
　　위료동태、준학、고효지묘술용호적방문행위，실현대불동응용층분포식거절복무(Application-layer Distributed Denial of Service, App-DDoS)공격행위적투명검측，해문제출기우최대빈번서렬모식알굴적ADA_MFSP(App-DDoS Detection Algorithm based on Maximal Frequent Sequential Pattern mining)검측모형。해모형재대정상Web방문서렬수거고(Web Access Sequence Database, WASD)급대검측WASD진행최대빈번서렬모식알굴적기출상，인입서렬비대평균이상도，연합류람시간평균이상도、청구순배평균이상도등유효검측속성，최종실현공격행위적이상검측。실험증명：ADA_MFSP모형불부능유효검측각류App-DDoS공격，차유량호적검측령민도。
In order to describe the user’s access behavior dynamically, efficiently and accurately, a novel detection model for Application-layer Distributed Denial of Service (App-DDoS) attack based on maximal frequent sequential pattern mining is proposed, named App-DDoS Detection Algorithm based on Maximal Frequent Sequential Pattern mining (ADA_MFSP). After mining maximal frequent sequential patterns of trained and detected Web Access Sequence Database (WASD), the model introduces sequence alignment, view time and request circulation abnormality to describe the behaviour of App-DDoS attacks, finally achieves the purpose of attack detection. It is proved with experiments that the ADA_MFSP model can not only detect kinds of App-DDoS attacks, but also has good detection sensitivity.