基于改进的TCM-KNN DoS检测算法

Algorithm Based on ITCM-KNN for Denial of Service Detection

  • 摘要: 由于实现方式简单、攻击形式多样、威胁范围广、不易防御和区分,拒绝服务(DoS)攻击已经成为网络的最主要安全威胁之一。该文提出了一种ITCM-KNN算法,在此基础上建立了DoS检测框架。使用标准数据集KDD Cup 1999进行算法验证和分析实验。采用基于信息增益算法选择了5个特征,在保证高检测效果的同时减少了特征的维数。该算法不需要对攻击进行学习和建模,使用少量的正常样本作为训练集,提高了检测性能。实验结果表明,改进的TCM-KNN算法检测率高于SVM等算法,达到99.99%。

     

    Abstract: Because of the simplicity of the implementation, various attacking forms, destructivity, and difficulty of filtering out, DoS has become one of the most serious security threats to the Internet. In this paper, we propose an improved transductive confidence machines for k-nearest neighbors (ITCM-KNN) algorithm and establish a framework for DoS detection. Evaluation and experiments of the algorithm are based on the standard dataset KDD Cup 1999 with 5 selected features using the information gain algorithm, which can ensure high detection rate while reducing the dimension of the features. The proposed algorithm does not need learning and modeling attacks. It only needs a small number of samples as training data set. The comparison results show that the true positive rate (TP) of the improved TCM-KNN algorithm is about 99.99%, which is higher than other detection algorithm such as SVM.

     

/

返回文章
返回