The method for DDoS attacks recognition based on artificial intelligence
Ескіз недоступний
Дата
2022
Автори
Науковий керівник
Назва журналу
Номер ISSN
Назва тому
Видавець
КПІ ім. Ігоря Сікорського
Анотація
Distributed Denial of Service (DDoS) has always been a key research object in the field of network security, which seriously threatens the development of network security in daily work and has a huge impact on the network environment. DDoS attack refers to the use of client/server technology to unite multiple computers as an attack platform to launch DDoS attacks against one or more targets, thereby multiplying the power of denial-of-service attacks. When a network device suffers a DDoS attack, the most obvious phenomenon is that the network device receives a large number of unknown packets and data streams. For enterprises, a company's network egress usually corresponds to a single IP, if there is an abnormal host in the enterprise, it may affect other users, so the enterprise security gateway needs to suppress and warn of abnormal behavior. However, the business traffic within an enterprise is very diverse, and it is difficult to accurately and effectively filter abnormal traffic, and it is impossible to distinguish normal sudden traffic. The current traffic inspection method is mainly based on deep packet inspection (D e e p Packet Inspection, DPI), which can only determine the type of traffic, and has limitations in the analysis of the specific behavior of the client, so it cannot effectively determine whether the network equipment of the enterprise has suffered a DDoS attack.
Опис
Ключові слова
Бібліографічний опис
Pogorelov, V. The method for DDoS attacks recognition based on artificial intelligence / Volodymyr Pogorelov, Wenjiao Shi // Прикладна математика та комп’ютинг ПМК' 2022. П'ятнадцята конференція магістрантів та аспірантів Київ, 16-18 листопада 2022 р. : збірник тез доповідей. - Київ : КПІ ім. Ігоря Сікорського, 2022. - С. 405-410.