Distributed denial of service(DDoS)attacks are one of the main threats to network security.In recent years,the number of mixed attacks based on various different DDoS attack methods has significantly increased.How to simultaneously detect multiple types of DDoS at-tacks while ensuring accuracy has become an urgent problem to be solved.To this end,a deep forest based multi type DDoS attack detection method is proposed.This method first uses a feature selection algorithm based on average impure to sort and filter features on multiple types of abnormal traffic datasets;Then,multi granularity scanning is used to extract features from the DDoS training set,and a cascaded forest hierar-chical training model is used to generate a deep forest model that can be used for DDoS malicious traffic detection and classification.The exper-imental results show that compared with six mainstream tree class ensemble learning models,the classifier trained based on the improved deep forest DDoS attack detection method has the lowest accuracy improvement of 0.8%and the lowest recall improvement of 0.9%;Compared with before the improvement,the accuracy of the improved model increased by 1.3%,the weighted recall increased by 1.3%,and the training time decreased by 29.7%.The overall performance of the model has significantly improved.
关键词
多类型攻击检测/分布式拒绝服务攻击/深度森林/多粒度扫描/级联森林/平均不纯度
Key words
multi-type attack detection/distributed denial of service attack/deep forest/multi-granularity scanning/cascade forest/aver-age impurity
维普
万方数据