信息网络安全 ›› 2022, Vol. 22 ›› Issue (7): 1-8.doi: 10.3969/j.issn.1671-1122.2022.07.001

• 等级保护 •    下一篇

一种基于RNN区分DDoS攻击类型的方法

范明钰1, 李珂2()   

  1. 1.电子科技大学计算机科学与工程学院,成都 611731
    2.重庆大学土木工程学院,重庆 400044
  • 收稿日期:2022-04-07 出版日期:2022-07-10 发布日期:2022-08-17
  • 通讯作者: 李珂 E-mail:keli-bridge@cqu.edu.cn
  • 作者简介:范明钰(1962—),女,四川,教授,博士,主要研究方向为网络信息安全|李珂(1989—),男,四川,副教授,博士,主要研究方向为风灾智能防控
  • 基金资助:
    国家自然科学基金(60272091);国家自然科学基金(60373109)

A Method to Distinguish DDoS Attack Types Based on RNN

FAN Mingyu1, LI Ke2()   

  1. 1. Scholl of Computer Science & Engineering, University of Electronic Science and Technology of China, Chengdu 611731, China
    2. Scholl of Civil Engineering, Chongqing University, Chongqing 400044, China
  • Received:2022-04-07 Online:2022-07-10 Published:2022-08-17
  • Contact: LI Ke E-mail:keli-bridge@cqu.edu.cn

摘要:

随着网络技术的广泛应用,出现了多种多样的网络攻击,其中,分布式拒绝服务(Distributed Denial of Service,DDoS)攻击的危害性较大。将12种DDoS攻击的数据与正常数据流混在一起后难以区分,因此防御DDoS攻击的关键是对其进行有效区分。文章提出一种基于RNN区分DDoS攻击类型的方法。以循环神经网络(Recurrent Neural Network,RNN)为研究改进对象,运用了模型的模块化研究方法和技术,抽象出3类简单模块组合形成RNN-IDDoS模型,该模型具有5层、3种时间步。在公开数据集上进行实验,实验结果表明该模型的准确率可达99.8%,优于当前其他3种模型,取得了很好的区分效果。

关键词: DDoS攻击, 类型区分, RNN

Abstract:

With the wide application of network technology, there are a variety of network attacks, among which distributed denial of service (DDoS) attacks are more harmful. The 12 types of DDoS attacks are mixed with normal data flows and are difficult to distinguish. The primary problem of defending against DDoS attacks is to distinguish them effectively. For the first time, this paper aimed to distinguish for research purposes attack types. It is proposed a method to distinguish DDoS attack types based on Recurrent neural network(RNN). RNN is a research object, with the modularization research methods and techniques, three types of simple modules are abstracted, and combined to form the RNN-IDDoS model. This model has five layers, three-time steps. Experiments on public datasets show that the proposed model can achieve an accuracy of 99.8%, which is better than the experimental test conclusions of the other three current models and has achieved good discrimination results.

Key words: DDoS attack, type distinguish, RNN

中图分类号: