Computer Science

Computer Science ›› 2021, Vol. 48 ›› Issue (6A): 524-528.doi: 10.11896/jsjkx.200500001

• Information Security • Previous Articles     Next Articles

Research on DoS Intrusion Detection Technology of IPv6 Network Based on GR-AD-KNN Algorithm

ZHAO Zhi-qiang, YI Xiu-shuang, LI Jie, WANG Xing-wei   

  1. College of Computer Science and Engineering,Northeastern University,Shenyang 110819,China
  • Online:2021-06-10 Published:2021-06-17
  • About author:ZHAO Zhi-qiang,born in 1994,postgraduate.His main research interests include network security and machine learning.
    YI Xiu-shuang,born in 1969,professor,is a member of China Computer Federation.His main research interests include next generation internet,network security and big data analysis.
  • Supported by:
    National Key Research and Development Project(2017YFB0801701),National Natural Science Foundation of China(61572123),Program for Liaoning Innovative Research Team in University(LT2016007) and CERNET Innovation Project(NGII20160616).

PDF (PC)

507

Abstract: With IPv6 network traffic rapidly increasing,the traditional intrusion detection systems,such as Snort,based on speci-fic rules to detect DoS intrusion attacks,have the poor performance and adaptability in detecting DoS attacks.In order to solve the problem of detecting DoS attacks in IPv6,the KNN algorithm is improved in this paper.First,in order to decrease the number of low influential sub-features of discrete type features,the approach of selecting and clustering of sub-feature is implemented by information gain ratio,which can decrease the number of features and improve the efficiency in detecting DoS attack in IPv6.Se-cond,the improved algorithm GR-AD-KNN using information gain ratio as the weight of features to change Euclidean distance is proposed to achieve DoS attack detection.Based on a metric about reverse distance influence,the classification decision method in KNN algorithm is optimized,then the accuracy of detection approach is further improved.Experiments show that,compared with the TAD-KNN algorithm based on the average distances to classify attacks and the GR-KNN algorithm which only optimizes the Euclidean distance definition,the GR-AD-KNN algorithm not only improves the overall detection performance in IPv6 network traffic features detection,but also has better detection results on small population attack samples.

Key words: Average increment distance classification, GR-AD-KNN algorithm, Information gain ratio, IPv6, Twice reducing dimensionality of features

CLC Number: 

  • TP393.0
[1] SUN S Y.IPv6:Opportunities for the Development of NextGeneration Internet in China [J].The Internet Economy,2018(8):20-25.
[2] PRAPTODIYONO S,MURUGESAN R K,HASBULLAH IH,et al.Security mechanism for IPv6 stateless address autoconfiguration[C]// International Conference on Automation,Cognitive Science,Optics,MICRO Electro-Mechanical System,and Information Technology.IEEE,2016:31-36.
[3] WANG J S,LI J Y,ZHANG H W,et al.Design of Large-scale Network Anomaly Traffic Detection System Based on IPv6[J].Computer Engineering,2018,44(10):14-21.
[4] ARD J B.Internet Protocol version Six (IPv6) at UC Davis:Traffic Analysis with a Security Perspective[J].Dissertations & Theses - Gradworks,2012:20.
[5] SAGALA A.Automatic SNORT IDS rule generation based on honeypot log[C]// International Conference on Information Technology and Electrical Engineering.IEEE,2016:576-580.
[6] ZULKIFLEE M.A Framework of Features Selection for IPv6 Network Attacks Detection[J].WSEAS Transactions on Communications,2015,14(46):399-408.
[7] LI D,LI Y,YUAN C,et al.The application of decision treeC4.5 algorithm to soil quality grade forecasting model[C]// IEEE International Conference on Computer Communication and the Internet.IEEE,2016:552-555.
[8] LI B,CHEN A B,ZHOU T,et al.Grade evaluation based on improved C4.5 algorithm in forest fire danger[J].Hunan Forestry Science & Technology,2018,45(1):36-40.
[9] DU J L,YAN W L.Multiple classifiers of C4.5 decision tree based on distance weight[J].Computer Engineering and Design,2018,39(1):96-102.
[10] XIAO H H,DUAN Y M.Improved the KNN Algorithm Based on Related to the Distance of Attribute Value[J].Computer Science,2013,40(S2):157-159,187.
[11] DAI P W,PAN B,WANG Y M,et al.An Improved KNN Algorithm Based on Analytic Hierarchy Process[J].Journal of Liaoning Shihua University,2018,38(4):87-92.
[12] PENG Y.Precision marketing system of terminal based on Data mining[D].Nanjing:Nanjing University,2014.
[13] ZHANG Y Q.Improvement of Algorithm for finding Segmentation Points of Continuous Value of Decision Tree[J].Computer CD Software and Applications,2013,16(23):116-117.
[14] KDD Cup 1999 Data [EB/OL].http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html.
[1] WANG Dong, WANG Hu and JIANG Qian-li. Low Power Long Distance Marine Environment Monitoring System Based on 6LoWPAN [J]. Computer Science, 2020, 47(6A): 596-598.
[2] PANG Li-hui and JIANG Feng. Research on High Performance Rule Matching Algorithm in IPV6 Networks [J]. Computer Science, 2017, 44(3): 158-162.
[3] CAO Xu, ZHU Yue-fei and FEI Jin-long. Cooperative Address Knocking Based Covert Authentication [J]. Computer Science, 2016, 43(9): 175-179.
[4] ZHANG Jian-ming, ZHAO Li-jie and FENG Xia. Fast Handover Strategy Research Based on Mobile IPv6 in VANET [J]. Computer Science, 2016, 43(10): 93-97.
[5] QIN Li, HUANG Shu-guang and CHEN Xiao. Research on Invulnerability of IPv6 AS-level Internet [J]. Computer Science, 2015, 42(8): 161-165.
[6] CHEN Yuan, ZHANG Qi-zhi, RAO Liang and ZHAO Gan-sen. Distributed Network Mobility Management over Proxy Mobile IPv6 Network [J]. Computer Science, 2015, 42(2): 76-80.
[7] WANG Xuan,WANG Zhen-xing,WANG Yu and ZHANG Lian-cheng. SSI:A Same Source Identification Model for Multiple IPv6/IPv4 Addresses [J]. Computer Science, 2014, 41(8): 139-143.
[8] LIU Qiao-shou,ZHANG-Wei,WANG Ru-yan and WU Da-peng. Performance Analysis for Fragmentation and Assembly Algorithm of 6LoWPAN Adaptation Layer [J]. Computer Science, 2014, 41(7): 176-180.
[9] LIU Hui-sheng,WANG Zhen-xing,ZHANG Lian-cheng and HOU Yi. Overlay Network Based IPv6Network Architecture Protection Model [J]. Computer Science, 2013, 40(6): 71-75.
[10] WANG Jian-feng,CHEN Can-feng,LIU Jia and XI Min-jun. Internet of Things Architecture Based on IPv6and Bluetooth Low Energy [J]. Computer Science, 2013, 40(5): 97-102.
[11] TANG Wei,TANG Hong-bo and CHEN Lu. PMIPv6Based Fast Handover Scheme for Network Mobility [J]. Computer Science, 2013, 40(11): 43-47.
[12] . Optimization Scenarios of Interactions between MIPv6 and PMIPv6 Based on Fast Handover [J]. Computer Science, 2012, 39(8): 47-.
[13] . Provable Secure Route Optimization Scheme for HMIPv6 in Wireless Mesh Network [J]. Computer Science, 2012, 39(3): 62-66.
[14] QIU Quan-jie,WU Zhong-fu. Method for Available Bandwidth Measuring and Analysis of IPv6 Network [J]. Computer Science, 2011, 38(4): 84-86.
[15] WANG Ya-gang,DU Hui-min,YANG Kang-ping. Two-stage IPv6 Address Lookup Scheme Based on Hash Tables and Tree Bitmaps [J]. Computer Science, 2010, 37(9): 36-39.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.