A DDoS attack situation assessment method via optimized cloud model based on influence function

Xiangyan Tang, Qidong Zheng, Jieren Cheng, Victor S. Sheng, Rui Cao, Meizhu Chen

Research output: Contribution to journalArticlepeer-review

9 Scopus citations

Abstract

The existing network security situation assessment methods cannot effectively assess the Distributed denial-of-service (DDoS) attack situation. In order to solve these problems, we propose a DDoS attack situation assessment method via optimized cloud model based on influence function. Firstly, according to the state change characteristics of the IP addresses which are accessed by new and old user respectively, this paper defines a fusion feature value. Then, based on this value, we establish a V-Support Vector Machines (V-SVM) classification model to analyze network flow for identifying DDoS attacks. Secondly, according to the change of new and old IP addresses, we propose three evaluation indexes. Furthermore, we propose index weight calculation algorithm to measure the importance of different indexes. According to the fusion index, which is optimized by the weighted algorithm, we define the Risk Degree (RD) and calculate the RD value of each network node. Then we obtain the situation information of the whole network according to the RD values, which are from each network nodes with different weights. Finally, the whole situation information is classified via cloud model to quantitatively assess the DDoS attack situation. The experimental results show that our method can not only improve the detection rate and reduce the missing rate of DDoS attacks, but also access the DDoS attack situation effectively. This method is more accurate and flexible than the existing methods.

Original languageEnglish
Pages (from-to)1263-1281
Number of pages19
JournalComputers, Materials and Continua
Volume60
Issue number3
DOIs
StatePublished - 2019

Keywords

  • Cloud model
  • DDoS attack
  • Influence function
  • V-SVM

Fingerprint

Dive into the research topics of 'A DDoS attack situation assessment method via optimized cloud model based on influence function'. Together they form a unique fingerprint.

Cite this