Research On Detection Of DOS Attack In Police Special Network

In recent years,the issue of network security has been the concern of many research institutes,the public network security issues have been gradually attention and improved,but the network of cluster network security issues have not been given full attention.The security issue should be regarded as the most important consideration for special networks,police pecial networks are crucial approach to ensure that the people’s lives and property,Do S(Denial of Service)attack was one of the threats to harm special networks.Multicast technology has been widely used in police special network because of its efficient group call characteristics.However,the security of multicast transmission has been limited to the development and application of cluster communication.The DoS attack in the private domain is mainly initiated by the inherent defects of the network protocol and the application mode.As the network protocol can not be absolutely perfect,the attack mode will continue with the development of Internet technology.This paper studies the most common DoS attacks in the multicast scene of police private network.Firstly,the principle and characteristics of the attack are analyzed,and the dynamic entropy model(DEM)is established by summing up the characteristics of the network flow in different types of Do S attacks.Finally,the actual entropy change of the network connection process under different conditions is calculated by taking the actual network connection process as an example.Then,combined with the established dynamic entropy state model,this paper establishes a DoS attack detection algorithm.Through the in-depth analysis of several of the most common Do S attacks in the police network,different attacks have different characteristics at the network stream level.These different action characteristics will cause the change of entropy.Therefore,according to the changes of dynamic entropy,we can tell whether the network data is malicious behavior.The simulation results show that the mechanism can detect the active entropy in the network and distinguish the malicious network attack behavior.Finally,a security mechanism based on DEM is proposed.Through the comparison of the active entropy of the system with normal situation,the security mechanism can well identify the abnormal network behavior and terminate the attack on the network by banning its data channel and destroying its packets data.