计算机科学 ›› 2015, Vol. 42 ›› Issue (4): 127-131.doi: 10.11896/j.issn.1002-137X.2015.04.025

• 信息安全 • 上一篇    下一篇

基于包络延拓和本征波匹配的时变DoS攻击频谱检测

唐赞玉,刘 宏   

  1. 吉首大学信息科学与工程学院 吉首416000,湖南师范大学数学与计算机学院 长沙410081
  • 出版日期:2018-11-14 发布日期:2018-11-14
  • 基金资助:
    本文受湖南省科技计划项目(2012GK3127)资助

Spectrum Detection of Time-varying DoS Attack Signal Based on Envelope Extension and Intrinsic Wave Matching

TANG Zan-yu and LIU Hong   

  • Online:2018-11-14 Published:2018-11-14

摘要: DoS攻击信号具有非平稳时变特性,湮没在色噪声背景的复杂网络环境中,对之难以有效检测。传统方法中采用基于非平稳时变信号处理的Hough变换单谱脉冲响应检测算法,由于二次型时频分布的边缘效应会引起较大包络衰减,检测性能不好。因此提出一种基于包络延拓和本征波匹配的时变DoS攻击信号频谱检测算法来对DoS攻击检测信号进行双曲调频分解, 构建信号数学演化模型,得到信号包络和本征波特征提取结果。采用双线性Hough变换法分析频谱特征畸变,进行瞬时频率估计,得到信号的单谱脉冲响幅频响应,在包络时频特征空间优化搜索路径实现包络延拓,基于最小均方误差准则设计本征波匹配滤波器,控制DoS频谱偏移,实现信号频谱检测。仿真结果表明,本算法能在强色噪声背景干扰下提高检测性能,检测概率高于传统算法,且能准确估计参量信息,提高对DoS攻击信号的主动防御能力。

关键词: 包络延拓,本征波匹配,DoS攻击,信号检测,网络安全

Abstract: DoS attacks signal has non-stationary and time-varying property.It is lost in the complex network environment with color noise background,and it is difficult to detect.Traditional methods use Hough transform impulse response method to detect the non-stationary signal.Due to the edge effect of frequency distribution,detection performance is not good.A new spectrum detection method of DoS attack signal was proposed based on envelope extension and intrinsic wave matching filtering.The DoS attack signal is processed with hyperbolic frequency modulated signal decomposition,and mathematical evolution model is constructed.Signal envelope intrinsic wave features are extracted.The bilinear Hough transform method is used to analyze the spectrum distortion,instantaneous frequency estimation is obtained,and single pulse response amplitude frequency response is calculated.In time frequency feature space,the envelope extension path search is optimized.Intrinsic wave matching filter is designed based on minimum mean square error criteria.DoS frequency shift is controlled,and the spectrum detection is obtained.Simulation results show that the algorithm can improve the detection performance,and the interference of strong colored noise can be suppressed.The detection probability is higher than traditional methods.It can accurately estimate the parameters,and the active defense ability of network security is improved.

Key words: Envelope extension,Intrinsic wave matching,DoS attack,Signal detection,Network security

[1] 刘衍珩,付枫,朱建启,等.基于活跃熵的DoS攻击检测模型[J].吉林大学学报:工学版,2011,41(4):1059-1063
[2] 江先亮,金光,杨建刚,等.面向自治域的 DoS 攻击流抑制模型[J].通信学报,2013,4(9):132-141
[3] 王进,阳小龙,隆克平.基于大偏差统计模型的 Http-Flood DDoS检测机制及性能分析[J].软件学报,2012,23(5):1272-1280
[4] 张永铮,肖军,云晓春,等.DDoS 攻击检测和控制[J].软件学报,2012,23(8):2258-2072
[5] 王睿.一种基于回溯的Web上应用层DDOS检测防范机制[J].计算机科学,2013,0(11A):175-177
[6] 夏秦,王志文,卢柯.入侵检测系统利用信息熵检测网络攻击的方法[J].西安交通大学学报,2013,7(2):14-19
[7] 周华,周海军,马建锋.基于博弈论的入侵容忍系统安全性分析模型[J].电子与信息学报,2013,5(8):1933-1939
[8] Bimal K M,Gholam M A.Differential epidemic model of virus and worms in computer network [J].International Journal of Network Security,2012,14(3):149-155
[9] Zhu Q Y,Yang X F,Yang L X,et al.Optimal control of computervirus under a delayed model [J].Applied Mathematics and Computation,2012,218(23):11613-11619
[10] 张辉.自体集网络入侵检测中的高效寻优算法仿真[J].计算机仿真,2013,0(8):297-300
[11] 樊爱宛,时合生.基于特征选择和SVM参数同步优化的网络入侵检测[J].北京交通大学学报,2013,7(5):58-61
[12] 饶雨泰,杨凡.网络入侵搅动下的网络失稳控制方法研究[J].科技通报,2014,0(1):185-188
[13] 罗柏文,沈彩耀,于宏毅.采用余弦调制滤波器组的多径衰落信号子带合成[J].信号处理,2013,9(5):537-543

No related articles found!
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!