Design and Implementation of a DDoS Attack Detection System Based on eBPF and Deep Learning

Posted on: 2024-09-11
Degree: Master
Type: Thesis
Country: China
Candidate: W Y Chang
Full Text: PDF
GTID: 2568307136494874
Subject: Computer technology
Abstract/Summary:
Network security is an important guarantee for various industries in the process of transitioning towards digitization and intelligence. Although DDoS (Distributed Denial of Service) attacks have been around for over 20 years, their frequent occurrence and constantly updated attack types still pose a threat to network security. As an active DDoS defense method, attack detection systems have always been a research hotspot in the field of network security. In recent years, researchers have proposed various excellent DDoS attack detection methods based on machine learning and deep learning. However, this line of research has two issues: first, few complete systems have been built around attack detection models constructed from public datasets; second, pairing the attack detection model with network traffic collection tools that are independent of it separates attack detection from data collection, so the modules within the system collaborate inefficiently. Therefore, it is of great significance to develop a complete DDoS attack detection system in which the data collection module and the attack detection module cooperate closely.

This thesis studies a DDoS attack detection system based on eBPF (extended Berkeley Packet Filter) and deep learning. First, in requirements analysis and design, the thesis analyzes the functional and non-functional requirements of the system, and designs the overall architecture of the system as well as the composition of the data collection module and the attack detection module. Combining eBPF and deep learning, it designs the implementation method of each module. Then, in the research on DDoS attack detection based on the FCNN (Fully Connected Neural Network) model, the thesis proposes a DDoS attack detection method based on the FCNN model. This method is divided into four workflows: dataset generation, dataset preprocessing, FCNN model training, and DDoS attack detection. Comparison experiments on DDoS attack detection performance and system load between the system implemented with the proposed method and FineLame demonstrate that the system implemented with the proposed method has high detection accuracy and low system load. Finally, the thesis implements a DDoS attack detection system based on eBPF and deep learning. System functional testing shows that the system can perform DDoS attack detection tasks normally and report the predicted DDoS attacker information back to the user. Various tests show that the interaction steps of the eBPF and deep learning based DDoS attack detection system designed and implemented in this thesis are concise, that the system meets its requirements and can handle abnormal situations, and that the research conducted in this thesis is feasible and effective.
Keywords/Search Tags: Linux, eBPF, Deep Learning, FCNN, DDoS Attack Detection