| LDoS(Low-rate Denial of Service)attack is a new kind of Do S attack.In the process of LDoS attack,the deficiency of the network adaptive mechanism is utilized and Network link is kept in an unstable state without being detected.By sending short pulse sequences periodically,LDoS attack can easily hide in complex network traffic for its low average rate,so it has great threat to the network security.The traditional detection methods for DoS attack are difficult to detect LDoS attack,and the existing methods of detecting LDoS still have some deficiencies.Based on the study of the principle and mathematical model of LDoS attack,the network traffic under different attack parameters,network environment and sampling rules is analyzed by analyzing link flow.According to the characteristic of the flow of LDoS attack,an approach of detecting LDoS attack based on particle filter is proposed.The non-linear model of network traffic is established by BP neural network and the traffic within the following time is estimated by particle filter.In the meantime,the threshold is set according to the central limit theorem,and the error of one-step prediction value and particle filter estimation value is used as the basis for the detection.Then,LDoS attack is detected when the error exceeds the threshold,and the initiation and termination of the LDoS attack can be detected by Student's t test.This method is verified in the NS2 and Test-bed,and compared with the existing detection algorithm,the results show that this method has a good detection performance with a detection rate of 97.68%. |
PDF Full Text Request