DDoS attack detection method based on HMM and chaos model

A chaotic and model technology, applied in the field of communication, can solve the problems of loss of information, lack of consideration of relationships, and low accuracy of DDoS attack detection, so as to reduce the false positive rate, overcome limitations, and reduce the false positive rate of DDoS attacks.

Active Publication Date: 2018-11-27
维森派沃(无锡)科技有限公司 +1
View PDF4 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

This type of DDoS attack detection directly infers the mark of the sample based on the current feature value, without considering the relationship b

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • DDoS attack detection method based on HMM and chaos model
  • DDoS attack detection method based on HMM and chaos model
  • DDoS attack detection method based on HMM and chaos model

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0037] The technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the accompanying drawings. Apparently, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

[0038] In order to detect DDoS attack, the present invention provides a DDoS attack detection method based on HMM and chaos model.

[0039] figure 1 It is a flowchart of a method for detecting a DDoS attack based on an HMM and a chaotic model provided by an embodiment of the present invention.

[0040] S100, continuously collecting network traffic information for D units of time as an HMM training set;

[0041] In one embodiment, the network flow information includes the number of data packets and the numbe...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

An embodiment of the invention discloses a DDoS attack detection method based on HMM and chaos model. The method comprises the following steps: acquiring network traffic information as an HMM trainingset; calculating to obtain a network traffic weighting feature observation sequence and a network flow average speed sequence; calculating the optimal number N of implicit strata states according tothe HMM training set; classifying the HMM training set into N types by a hierarchical clustering algorithm to obtain an implicit strata state sequence; performing supervised learning of HMM by use ofthe network traffic weighting feature observation sequence and the implicit strata state sequence, to obtain a state transfer matrix and a confusion matrix; calculating follow-up network traffic weighting features according to the state transfer matrix and the confusion matrix, to obtain a follow-up network traffic weighting feature prediction sequence; calculating a prediction error sequence of the follow-up network traffic weighting feature prediction sequence according to a chaos model; identifying DDoS attack according to the prediction error sequence and the network flow average speed sequence.

Description

technical field [0001] The invention relates to the technical field of communication, in particular to a DDoS attack detection method based on HMM and chaos model. Background technique [0002] Distributed Denial of Service (Distributed Denial of Service, DDoS) attack is an attack method often used by hackers and difficult to prevent. In recent years, with the rapid development of electronic encrypted virtual currency and the continuous increase of Internet of Things devices, DDoS attack methods have become more diversified, posing a huge threat to Internet security. [0003] The existing technology of DDoS attack detection based on machine learning is usually regarded as a binary classification problem. Representative features are selected from network traffic, and the feature sequences of attack traffic and normal traffic are respectively abstracted, and the sequence Each feature in is given a mark: attack or normal; then use the feature sequence to train the detection mo...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06G06K9/62G06N7/08
CPCH04L63/1408H04L63/1416H04L63/1458G06N7/08G06F18/295
Inventor 程杰仁唐湘滟黄梦醒董哲张晨
Owner 维森派沃(无锡)科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap