Open AccessLDoS attack detection method based on traffic classification prediction
Author(s) -
Liu Liang,
Yin Yue,
Wu Zhijun,
Pan Qingbo,
Yue Meng
Publication year - 2022
Publication title -
iet information security
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.308
H-Index - 34
eISSN - 1751-8717
pISSN - 1751-8709
DOI - 10.1049/ise2.12046
Subject(s) - computer science , hurst exponent , denial of service attack , artificial intelligence , pattern recognition (psychology) , data mining , mathematics , statistics , the internet , world wide web
Aiming at the low rate and strong concealment of low‐rate Denial of Service (LDoS) attacks, the calculation of traffic Hurst index is combined with traffic classification, and a machine learning LDoS attack detection method based on search sorting is proposed. The method first calculates the segmentation Hurst exponent of each flow, and constructs a traffic similarity matrix as a statistical feature. Then, using the improved model XGBoost of the Gradient Boosting Decision Tree (GBDT), the traffic is classified and predicted. The network angle distinguishes between normal traffic and abnormal Origin‐Destination (OD) flows containing LDoS attacks, thereby achieving the purpose of detecting LDoS attacks. The method in this study was validated using the US public network dataset Abilene. The experimental results show that the global LDoS attack traffic detection method based on the Hurst index and GBDT algorithm achieves better detection results under different attack rates.