摘要
由于网络中泛洪攻击生成的恶意流量常与正常流量在一定程度上具有相似性,使得传统方法将正常流量认定为恶意攻击,定位准确性较低。为此,研究弱关联节点强化下网络泛洪攻击检测方法。构建网络弱关联节点分布模型,结合已知节点和未知节点位置关系,建立弱关联节点快速定位方程,以定位节点位置;将弱关联节点接收报文的周期性作为特征,检测泛洪攻击;通过在检测到泛洪攻击的弱关联节点伪造报警包的方式强化节点,遵循泛洪攻击报文发送的路径回溯,完成泛洪攻击防御。实验结果表明,该方法定位弱关联节点测度指标值均高于0.9,可检测到泛洪攻击,并实现泛洪攻击防御。
The malicious traffic generated by flooding attacks in the network is similar to the normal traffic to a certain extent,so the traditional methods usually identify the normal traffic as malicious attacks,which results in low localization accuracy.To this end,a detection method for network flooding attacks under weakly correlated node reinforcement is studied.A distribution model for weakly correlated nodes in the network is built.In combination with the position relationship between known and unknown nodes,a fast localization equation for weakly correlated nodes is established to locate node positions.The periodicity of messages received by weakly correlated nodes is taken as a feature to detect flooding attacks.By forging alarm packets at the weakly correlated nodes that detected the flooding attacks,the nodes are strengthened.The flood attack defense is completed by following the path backtracking sent by the flooding attack message.The experimental results show that the measurement indicators for locating weakly correlated nodes by this method are all above 0.9,and that the method can detect flooding attacks and implement flooding attack defense.
作者
李晓粉
张兆娟
LI Xiaofen;ZHANG Zhaojuan(College of Information Engineering,China Jiliang University,Hangzhou 310018,China)
出处
《现代电子技术》
北大核心
2024年第7期100-103,共4页
Modern Electronics Technique
基金
浙江省自然科学基金资助项目(LQ22F020021)。
关键词
弱关联节点
网络
泛洪攻击
节点强化
周期性
攻击检测
攻击防御
通信速率
weakly correlated node
network
flooding attack
node reinforcement
periodicity
attack detection
attack defense
communication rate
作者简介
李晓粉(1989-),女,山东临沂人,硕士,高级工程师,研究方向为人工智能、网络安全。;张兆娟(1990-),女,江西九江人,博士,讲师,研究方向为人工智能、无线传感器网络。
