计算机工程与应用 ›› 2012, Vol. 48 ›› Issue (2): 86-89.

• 网络、通信、安全 • 上一篇    下一篇

自适应聚类算法在DDoS攻击检测中的应用

李丽娟1,2,李少东1   

  1. 1.湖南大学 计算机与通信学院,长沙 410082
    2.湖南大学 网络与信息安全湖南省重点实验室,长沙 410082
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2012-01-11 发布日期:2012-01-11

Application of adaptive clustering algorithm on DDoS attacks detection

LI Lijuan1,2, LI Shaodong1   

  1. 1.School of Computer and Communication, Hunan University, Changsha 410082, China
    2.Hunan Provincial Key Laboratory of Network and Information?Security, Hunan University, Changsha 410082, China
  • Received:1900-01-01 Revised:1900-01-01 Online:2012-01-11 Published:2012-01-11

摘要: 针对DDoS攻击检测中k-means算法对初始聚类中心敏感和要求输入聚类数目的缺点,提出了一种基于动态指数和初始聚类中心点选取的自适应聚类算法(Adaptive Clustering Algorithm),并使用该算法建立DDoS攻击检测模型。通过使用LLS_DDoS_1.0数据集对该模型进行测试并与k-means算法对比,实验结果表明,该算法提高了DDoS攻击的检测率,降低了误警率,验证了检测方法的有效性。

关键词: DDoS攻击检测, k-means算法, 动态指数, 自适应聚类算法

Abstract: The k-means algorithm in DDoS attack detection is sensitive to the initial cluster centers and need to input the number of clusters. For the above two drawbacks, a new adaptive clustering algorithm based on dynamic index and the initial center selection is proposed, and use it to establish the DDoS attack detection model. Then the detection model is tested by using the LLS_DDoS_1.0 data sets, and is compared with the k-means algorithm. The result show that the method improves the detection rate and reduces the false alarm rate. So it is an effective detection method.

Key words: DDoS attacks detection, k-means algorithm, dynamic index, adaptive clustering algorithm