Detection of Application Layer DDoS Based on BP Neural Network

doi:10.3778/j.issn.1002-8331.1808-0246

Computer Engineering and Applications ›› 2019, Vol. 55 ›› Issue (20): 73-79.DOI: 10.3778/j.issn.1002-8331.1808-0246

Previous Articles Next Articles

Detection of Application Layer DDoS Based on BP Neural Network

JING Hongfei, ZHANG Kun, CAI Bing, YU Longhua

1.School of Computer Science and Engineering, Nanjing University of Science and Technology, Nanjing 210094, China
2.Network Security Service, Jiangsu Sub Center of the National Internet Emergency Center, Nanjing 210003, China

Online:2019-10-15 Published:2019-10-14

基于BP神经网络的应用层DDoS检测方法

景泓斐，张琨，蔡冰，余龙华

1.南京理工大学计算机科学与工程学院，南京 210094
2.国家计算机网络应急技术处理协调中心江苏分中心网络安全处，南京 210003

Abstract

Abstract: CC（Challenge Collapsar） attack uses proxy servers or zombie hosts to send a large number of http requests to the server by simulating the user’s normal access to the page, causing server resources to be exhausted and implementing application layer DDoS. Some progress has been made in the detection of CC attacks. However, since the CC attack simulates the normal access of the user, the characteristics of the normal web page access are similar, which makes the attack identification difficult and high false positive rate. According to the characteristics of CC attack, combining packet rate, URL information entropy and URL conditional entropy, a CC attack detection algorithm based on BP neural network is put forward. Experimental results in the real network environment prove that the model can accurately identify normal traffic and CC attack traffic for small and medium-sized websites, and has relatively accurate detection results for large websites.

Key words: Challenge Collapsar（CC） attack, Distributed Denial-of-Service（DDoS）, attack detection, neural network

摘要： CC（Challenge Collapsar）攻击通过模拟用户正常访问页面的行为，利用代理服务器或僵尸主机向服务器发送大量http请求，造成服务器资源耗尽，实现应用层DDoS。目前，对于CC攻击的检测已经取得了一些进展，但由于CC攻击模拟用户正常访问页面，与正常网页访问特征较为相似，导致攻击识别较为困难，且误报率较高。根据CC攻击的特点，结合包速率、URL信息熵、URL条件熵三种有效特征，提出一种基于误差逆向传播（Back Propagation，BP）神经网络的CC攻击检测算法。在真实网络环境中的实验结果证明，该模型对中、小型网站能准确地识别正常流量与CC攻击流量，对大型网站也有较为准确的检测结果。

关键词: CC攻击, 分布式拒绝服务（DDoS）, 攻击检测, 神经网络

JING Hongfei, ZHANG Kun, CAI Bing, YU Longhua. Detection of Application Layer DDoS Based on BP Neural Network[J]. Computer Engineering and Applications, 2019, 55(20): 73-79.

景泓斐，张琨，蔡冰，余龙华. 基于BP神经网络的应用层DDoS检测方法[J]. 计算机工程与应用, 2019, 55(20): 73-79.

[1]	XU Hao, ZHANG Kai, TIAN Yingjie, CHONG Faguang, WANG Zichao. Review of Deep Neural Network-Based Image Caption [J]. Computer Engineering and Applications, 2021, 57(9): 9-22.
[2]	RAN Rong, XU Xinghua, QIU Shaohua, CUI Xiaopeng, OUYANG Bin. Review of Crack Detection Methods Based on Deep Convolutional Neural Networks [J]. Computer Engineering and Applications, 2021, 57(9): 23-35.
[3]	MOU Qingping, ZHANG Ying, ZHANG Dongbo, WANG Xinjie, YANG Zhiqiao. Research on Visual Tracking Algorithm and Application of Target Loss Discrimination Mechanism [J]. Computer Engineering and Applications, 2021, 57(9): 140-147.
[4]	BAO Zhiqiang, XING Yu, LYU Shaoqing, HUANG Qiongdan. Improved YOLO V2 6D Object Pose Estimation Algorithm [J]. Computer Engineering and Applications, 2021, 57(9): 148-153.
[5]	WANG Lin, CHAI Jiangyun. Research on Deep Neural Network in Multi-scene Vehicle Attribute Recognition [J]. Computer Engineering and Applications, 2021, 57(9): 162-167.
[6]	HUANG Dongyi, YANG Bing, WU Zihao, KUANG Jiayi, YAN Zeming. Spatio-Temporal Fully Connected Convolutional Neural Networks for Citywide Cellular Prediction [J]. Computer Engineering and Applications, 2021, 57(9): 168-175.
[7]	ZHAO Zhiyan, YANG Hua, HU Zhiwei, YU Haiping. Identification Model of Pests on Yuluxiang Pear Leaves Based on TACNN [J]. Computer Engineering and Applications, 2021, 57(9): 176-181.
[8]	ZHOU Lungang, SUN Yifeng, WANG Kun, WU Jiang, HUANG Weigui, LI Binglong. End to End Object Recognition Algorithm for Multi-attributes of Multi-values [J]. Computer Engineering and Applications, 2021, 57(9): 182-190.
[9]	ZHANG Cheng, DAI Junfeng, XIONG Wenxin. Improved Handwritten Date Recognition in Scanned Documents Combined with LeNet-5 [J]. Computer Engineering and Applications, 2021, 57(9): 207-211.
[10]	MA Zhexu, YANG Feng, QIAO Xu. Intelligent Detection Method of Railway Subgrade Defect [J]. Computer Engineering and Applications, 2021, 57(9): 272-278.
[11]	JIANG Bin, ZHONG Rui, ZHANG Qiuwen, ZHANG Huanlong. Survey of Non-frontal Facial Expression Recognition by Using Deep Learning Methods [J]. Computer Engineering and Applications, 2021, 57(8): 48-61.
[12]	LI Zhenxiao, SUN Wei, LIU Mingming, ZHENG Lili, CHEN Shaoying. Research on Vehicle Detection and Tracking Algorithms in Traffic Monitoring Scenes [J]. Computer Engineering and Applications, 2021, 57(8): 103-111.
[13]	ZHANG Yue, HUANG Yourui, LIU Pengkun. Research on Multi-resolution Human Pose Estimation with Attention Mechanism [J]. Computer Engineering and Applications, 2021, 57(8): 126-132.
[14]	LI Xianguo, FENG Xinxin, LI Jianxiong. Sigle Image Super-Resolution Reconstruction Based on Multi-scale Residual Network [J]. Computer Engineering and Applications, 2021, 57(7): 215-221.
[15]	ZHAI Zhengli, LI Penghui, FENG Shu. Research Overview of Adversarial Attacks on Graphs [J]. Computer Engineering and Applications, 2021, 57(7): 14-21.

Detection of Application Layer DDoS Based on BP Neural Network

基于BP神经网络的应用层DDoS检测方法

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics