通过分析分布式拒绝服务(DDoS)攻击的特征和攻击发生时效据流五元组熵值的变化,提出一种基于数据流结构稳定性(FSS)的检测算法.采用AR自回归模型估计FSS时间序列多维特征参数,使用经过样本训练的支持向量机对特征参数进行分类来识别攻击.经实验验证,该算法具备较高的检测质量.%Through the analysis of the Distributed Denial of Service(DDoS) attack characteristics and the entropy changes of data flow five-tuple during the attacks, this paper proposes a detection model based on data Flow Struct Stability(FSS). This method through AR autoregression model to estimate multi-dimensional characteristic parameter of FSS time series, then classifies Support Vector Machine(SVM) with sample training into several categories and uses these results to identify the attacks. Experiments show that the model has high detection quality.
展开▼