DDoS attack intrusion detection based on relative entropy-CNN

Konferenz: ISCTT 2021 - 6th International Conference on Information Science, Computer Technology and Transportation
26.11.2021 - 28.11.2021 in Xishuangbanna, China

Tagungsband: ISCTT 2021

Seiten: 5Sprache: EnglischTyp: PDF

Persönliche VDE-Mitglieder erhalten auf diesen Artikel 10% Rabatt

Yuan, Ming; Yang, Guiqin (School of Electronic and Information Engineering, LanZhou Jiaotong University, Lan Zhou, China)

Aiming at the low detection accuracy and high false alarm rate of traditional DDoS attack detection methods, this paper proposes a DDoS attack detection model that combines statistical analysis and deep learning. Firstly, monitor port traffic based on relative entropy to determine whether there is abnormal traffic, and extract traffic characteristics after detecting anomalies; then preprocess the abnormal traffic into a two-dimensional matrix, and implement attack detection with the help of a convolutional neural network (CNN) recheck module. In order to verify the effects of the previously mentioned methods, simulation experiments are carried out on the methods in this article, traditional statistical methods and machine learning algorithms, and the experimental results are compared. Experimental results show that the algorithm of this subject can efficiently detect DDoS attacks. Experimental results show that the algorithm of this subject can efficiently detect abnormal traffic. Compared with the traditional algorithm, the detection accuracy is increased by 1.8%, and the CPU occupancy rate is reduced by 43%. The DDoS attack detection model based on relative entropy-CNN has higher detection efficiency and faster response to abnormal traffic.