Research And Implenmentation On DDoS Attacks Detection Technology

With the rapid development of science and technology and the depth of application, the Internet is playing an increasingly important role in people's life, the coming problem of network security is becoming more and more serious. The information security and network security not only have tight relationship with the personal property, the enterprise, the government's security, but also occupies a pivotal position in national strength competition. DDoS attack, as the most serious threat in network security, has become a problem which cannot be ignored in the development of network. However, current detection method based on the statistical characteristic is too complex and unable to deal with high-dimensional data, and detection method based on information entropy depends on the setting of threshold. The rise of artificial intelligence provides a new opportunity for the improvement of DDoS attack detection technology.1. The study of DDoS attacks summarized the current mainstream DDoS attack categories and characteristics, analyzed the status of the current mainstream of the DDoS attack detection technology research,as well as the deficiency existing in the current detection technology.This paper introduces the principle of support vector machine (SVM)and artificial colony algorithm.2. Combining the technique of artificial colony algorithm and support vector machine (SVM), the paper based the idea to use artificial colony algorithm to optimize parameters of support vector machine for the method of detecting DDoS attack. And on the basis of the study of DDoS attacks, referring to the features proposed in KDD99 data set,using information gain algorithm for feature selection improves the detection rate of the model. The simulation experiments show that using artificial swarm algorithm to optimize parameters of the SVM model has higher detection rate comparing with either using the default parameters of the SVM model or using grid algorithm to optimize parameters of the SVM model. At the same time the feature selection can also increase the detection rate.3.Based on the idea using artificial swarm to optimize support vector machine parameters to detect DDoS attacks, a new method and system of the DDoS attack detection is designed and implemented, then the system is set up in the laboratory and the functionality and performance analysis of the system is verified, proving that the system can collect flow information of DDoS attack in the network traffic to detect the DDoS attacks effectively.