Computer Science ›› 2021, Vol. 48 ›› Issue (6A): 524-528. doi: 10.11896/jsjkx.200500001
ZHAO Zhi-qiang, YI Xiu-shuang, LI Jie, WANG Xing-wei
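Abstract: With the rapid growth and increasing complexity of IPv6 network traffic, the traditional intrusion detection system Snort detects DoS attacks based on specific rules, which reduces the detection performance of the IDS. To address DoS intrusion detection in IPv6 network environments, an optimized version of the lightweight machine-learning KNN algorithm is adopted. First, two-stage dimensionality reduction of the features is achieved through the information gain ratio: discrete features that have many types of sub-features are selected and aggregated to reduce dimensionality further, which reduces the feature dimension used in actual computation. Second, the information gain ratio is used as the weight for optimizing the Euclidean distance measurement between samples. Based on the proposed inverse-distance influence metric, the classification decision algorithm of KNN is optimized, further improving the effectiveness of the detection technique. Experimental results show that, compared with the traditional average-distance-based TAD-KNN algorithm and the GR-KNN algorithm, which only optimizes the distance definition, the GR-AD-KNN algorithm not only improves overall detection performance on IPv6 network traffic features but also achieves better detection results when classifying small-group samples.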
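The two ideas in the abstract, gain-ratio feature weights inside the Euclidean distance and a distance-sensitive vote instead of a plain majority, can be sketched as follows. This is an added example, not the paper's code: the abstract does not define the influence metric, so a simple 1/d vote is assumed in its place, and the two features and all sample values are constructed.

```python
import math
from collections import Counter, defaultdict

def entropy(values):
    n = len(values)
    return -sum(c / n * math.log2(c / n) for c in Counter(values).values())

def gain_ratio(column, labels):
    """C4.5 information gain ratio of one discrete feature column."""
    groups = defaultdict(list)
    for v, y in zip(column, labels):
        groups[v].append(y)
    cond = sum(len(g) / len(labels) * entropy(g) for g in groups.values())
    split_info = entropy(column)
    return (entropy(labels) - cond) / split_info if split_info > 0 else 0.0

def classify(train_x, train_y, weights, query, k=5, inverse=True, eps=1e-9):
    """KNN with gain-ratio-weighted Euclidean distance.
    inverse=True: each neighbour votes 1/d (assumed stand-in for the paper's
    influence metric); inverse=False: plain majority vote."""
    neighbours = sorted(
        (math.sqrt(sum(w * (a - b) ** 2 for w, a, b in zip(weights, x, query))), y)
        for x, y in zip(train_x, train_y))[:k]
    votes = defaultdict(float)
    for d, y in neighbours:
        votes[y] += 1.0 / (d + eps) if inverse else 1.0
    return max(votes, key=votes.get)

# Constructed, pre-binned samples: (packet-rate level, payload-size bucket).
TRAIN_X = [(0, 0), (0, 3), (1, 1), (1, 2), (0, 2), (1, 0), (3, 1), (3, 2)]
TRAIN_Y = ["normal"] * 6 + ["dos"] * 2          # "dos" is the small group
WEIGHTS = [gain_ratio([x[i] for x in TRAIN_X], TRAIN_Y) for i in range(2)]

if __name__ == "__main__":
    q = (3, 0)
    print("weights:", [round(w, 3) for w in WEIGHTS])
    print("majority vote:", classify(TRAIN_X, TRAIN_Y, WEIGHTS, q, inverse=False))
    print("inverse-distance vote:", classify(TRAIN_X, TRAIN_Y, WEIGHTS, q))
```

With k=5 the query's neighbourhood holds both minority samples and three more distant majority samples, so the plain vote is outnumbered while the distance-sensitive vote follows the two close neighbours.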