Cloud computing has become one of the main computing methods on the internet today, and cloud platforms provide an environment for the development of cloud computing technology. Although cloud platforms offer many conveniences and have significant development advantages, many security incidents have emerged due to their inherent flaws, severely constraining their development. Distributed Denial of Service (DDoS) attacks are one of the main security threats faced by cloud platforms today. Firstly, traditional DDoS attacks are highly efficient and powerful in the cloud platform, even leading to serious network security incidents. Secondly, DDoS attacks within the cloud platform are more intelligent and concealed, increasing the difficulty of security defense for the cloud platform. In response to DDoS attacks in the cloud platform environment, this thesis proposes an attack detection scheme under the cloud platform, which includes two modules: DDoS attack warning and DDoS attack detection.

To address the problem of significant differences in traffic behavior among hosts in the cloud platform environment, this thesis proposes a DDoS attack warning method based on the Affinity Propagation (AP) clustering algorithm. This method includes the data collection stage and the DDoS attack stage. In the data collection stage, the WinPcap system is used to collect normal and abnormal network traffic from hosts within the cloud platform. Normal network traffic is classified into host groups based on traffic behavior using the AP clustering algorithm, and a dynamic damping coefficient is introduced to the AP clustering algorithm to speed up clustering. In the DDoS attack stage, the abnormal traffic of different host groups is analyzed using the stream threshold method to determine which group is under DDoS attack. Experimental results show that introducing a dynamic damping coefficient significantly reduces clustering time, and classifying hosts with the same traffic behavior into the same host group does improve DDoS attack detection accuracy and reduce the false positive rate.

To address the problem of diverse and dynamic DDoS attack types within the cloud platform and the fixed weight values of Stacking ensemble learning base classifiers, this thesis proposes a DDoS attack detection method based on ensemble learning and uses the Local Unimodal Sampling (LUS) and Particle Swarm Optimization (PSO) weight optimization methods to solve the fixed weight value problem of Stacking ensemble learning base classifiers. This method first uses one-hot encoding to numerically process the data and address the problem of incomplete data features. Then, LUS and PSO weight optimization strategies are used to evaluate the weights of the base classifiers, continuously optimizing and adjusting until the optimal weight set is obtained. Finally, the output of these weighted base classifiers is used as input to the meta-classifier for further training and to obtain the final result. This model identifies network traffic in the cloud platform environment to achieve fine-grained detection of DDoS attack types. The experimental results show that this method has a high recall rate and a low false positive rate, and has good performance in DDoS multi-type detection, with an accuracy rate of around 90%, far higher than other methods.
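
The weight-search step described above can be illustrated with a small LUS run; this is an added example, not code from the thesis. It assumes three hypothetical base classifiers with constructed skill levels and class labels, scores a weight set by the accuracy of a weighted vote (standing in for the meta-classifier stage), covers LUS only (not PSO), and uses a shrink parameter `beta = 1/3` chosen for this example.

```python
import random

CLASSES = ["benign", "attack type A", "attack type B"]  # constructed labels
SKILL = [0.90, 0.60, 0.55]  # assumed accuracy of three hypothetical base classifiers

def make_validation(rng, n=400):
    """Constructed validation set: (true class, one predicted class per base classifier)."""
    rows = []
    for _ in range(n):
        y = rng.randrange(len(CLASSES))
        wrong = [c for c in range(len(CLASSES)) if c != y]
        rows.append((y, [y if rng.random() < s else rng.choice(wrong) for s in SKILL]))
    return rows

def accuracy(weights, rows):
    """Fitness: accuracy of the weighted vote over the base classifiers' outputs."""
    hits = 0
    for y, votes in rows:
        score = [0.0] * len(CLASSES)
        for w, v in zip(weights, votes):
            score[v] += w
        hits += score.index(max(score)) == y
    return hits / len(rows)

def lus_optimize(rows, iters=300, beta=1/3, seed=1):
    """Local Unimodal Sampling over weights in [0, 1], starting from equal weights."""
    rng = random.Random(seed)
    n = len(SKILL)
    x = [0.5] * n
    best = accuracy(x, rows)
    d = 1.0                      # sampling range, initially the whole search space
    q = 2 ** (-beta / n)         # shrink factor applied after each failed sample
    for _ in range(iters):
        y = [min(1.0, max(0.0, xi + rng.uniform(-d, d))) for xi in x]
        fy = accuracy(y, rows)
        if fy > best:
            x, best = y, fy      # keep the improved weight set
        else:
            d *= q               # no improvement: sample closer to x next time
    return x, best

if __name__ == "__main__":
    rows = make_validation(random.Random(0))
    weights, acc = lus_optimize(rows)
    print("equal weights:", accuracy([0.5] * 3, rows))
    print("LUS weights:  ", [round(w, 2) for w in weights], acc)
```

Because LUS accepts a sample only when it improves the fitness, the returned weight set never scores below the equal-weight starting point on the validation data.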