2019 | OriginalPaper | Book chapter

Multi-view DDoS Network Flow Feature Extraction Method via Convolutional Neural Network

Written by: Yifu Liu, Jieren Cheng, Xiangyan Tang, Mengyang Li, Luyi Xie

Published in: Cyberspace Safety and Security

Publisher: Springer International Publishing

Abstract

Distributed Denial of Service (DDoS) attacks have caused tremendous damage to networks in large-data environments. The features extracted by existing feature extraction methods cannot accurately represent the characteristics of network flow, and suffer from a high false alarm rate. This paper presents a multi-view DDoS attack network flow feature extraction method based on convolutional neural networks. According to the different characteristics of attack flow and normal flow in the TCP/IP protocol, the related attributes of network flow are transformed into binary matrices, and the IP address and port number are reorganized into dual-channel matrices. The multi-view perspective is then composed of the IP dual-channel matrix, the port number dual-channel matrix, the packet size grayscale matrix and the TCP flag grayscale matrix. According to the characteristics of each attribute, different convolutional neural network models are used to extract the local features of each view, and the extracted local features are fused to form quaternion features that describe the characteristics of network flow. We use MVNFF to train the model and construct a multi-view DDoS classifier. Experiments show that the features extracted by this method more accurately represent the characteristics of network traffic, improve the robustness of the classifier, and reduce the false alarm rate.
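
The sketch below is an added example, not code from the paper: it shows one way the four views named in the abstract could be built from a window of packets before they are handed to per-view CNNs. The abstract gives no matrix dimensions, so the layout (one row per packet, 32-bit IPv4 rows, 16-bit port and size rows, 8-bit flag rows, source and destination as the two channels), the names `build_views`, `bits`, `ip_bits` and `shape`, and the sample packets are all assumptions.

```python
import ipaddress

# Constructed sample window (documentation addresses, not the paper's data):
# (src_ip, dst_ip, src_port, dst_port, size_bytes, tcp_flags)
SAMPLE_WINDOW = [
    ("198.51.100.7", "192.0.2.10", 40001, 80, 60, 0x02),    # SYN
    ("203.0.113.99", "192.0.2.10", 51515, 80, 60, 0x02),    # SYN
    ("192.0.2.10", "198.51.100.7", 80, 40001, 60, 0x12),    # SYN+ACK
    ("198.51.100.7", "192.0.2.10", 40001, 80, 1500, 0x18),  # PSH+ACK
]

def bits(value, width):
    """Big-endian bit list of `value`, exactly `width` bits wide."""
    if not 0 <= value < (1 << width):
        raise ValueError(f"{value} does not fit in {width} bits")
    return [(value >> (width - 1 - i)) & 1 for i in range(width)]

def ip_bits(addr):
    """32-bit row for an IPv4 address; malformed input raises ValueError."""
    ip = ipaddress.ip_address(addr)
    if ip.version != 4:
        raise ValueError("this sketch encodes IPv4 only")
    return bits(int(ip), 32)

def build_views(window):
    """Return the four views for one window of packets.

    Dual-channel views are [source_channel, destination_channel];
    single-channel ("grayscale") views are one matrix. Layout is assumed.
    """
    views = {"ip": [[], []], "port": [[], []], "size": [], "flags": []}
    for src, dst, sport, dport, size, flags in window:
        views["ip"][0].append(ip_bits(src))
        views["ip"][1].append(ip_bits(dst))
        views["port"][0].append(bits(sport, 16))
        views["port"][1].append(bits(dport, 16))
        views["size"].append(bits(size, 16))
        views["flags"].append(bits(flags, 8))
    return views

def shape(view):
    """Shape tuple of a nested-list tensor, e.g. (channels, rows, cols)."""
    dims = []
    while isinstance(view, list):
        dims.append(len(view))
        if not view:
            break
        view = view[0]
    return tuple(dims)
```

Each view keeps its own shape, which is what lets a separate CNN be fitted to each attribute before the local features are fused.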

Metadata
Copyright year: 2019
DOI: https://doi.org/10.1007/978-3-030-37352-8_3