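Abstract
Because they are simple to implement, take many forms, threaten a wide range of targets, and are hard to defend against and to distinguish, denial-of-service (DoS) attacks have become one of the main security threats to networks. This paper proposes an ITCM-KNN algorithm and builds a DoS detection framework on it. The standard KDD Cup 1999 dataset is used for the validation and analysis experiments. Five features are selected with an information-gain-based algorithm, which reduces the feature dimension while maintaining high detection performance. The algorithm does not need to learn or model attacks and uses a small number of normal samples as its training set, which improves detection performance. Experimental results show that the detection rate of the improved TCM-KNN algorithm reaches 99.99%, higher than that of algorithms such as SVM.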
Because they are simple to implement, take various forms, are destructive, and are difficult to filter out, DoS attacks have become one of the most serious security threats to the Internet. In this paper, we propose an improved transductive confidence machines for k-nearest neighbors (ITCM-KNN) algorithm and establish a framework for DoS detection. The algorithm is evaluated on the standard KDD Cup 1999 dataset using 5 features selected with the information gain algorithm, which ensures a high detection rate while reducing the dimension of the features. The proposed algorithm does not need to learn or model attacks. It needs only a small number of samples as its training data set. The comparison results show that the true positive rate (TP) of the improved TCM-KNN algorithm is about 99.99%, which is higher than that of other detection algorithms such as SVM.
Source
Journal of University of Electronic Science and Technology of China (《电子科技大学学报》)
EI
CAS
CSCD
PKU Core Journals (北大核心)
2014, Issue 1, pp. 76-81 (6 pages)
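Funding
National Natural Science Foundation of China (61133016)
National Natural Science Foundation of China
Joint Fund of the China Academy of Engineering Physics (U1230106)
Ministry of Industry and Information Technology Major Science and Technology Project (2011ZX03002-002-03)
National Information Security Program (2010A14)
Electronic Development Fund (信部运(2007)329)
Sichuan Province Science and Technology Support Program (M110106012009FZ0148)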
Keywords
denial-of-service attack
denial-of-service attack detection
TCM-KNN algorithm
DoS attack
DoS detection
improved transductive confidence machines for K-nearest neighbors