Low-rate Denial of Service attack detection method based on time-frequency characteristics

Abstract

In this paper, a real cloud computing platform-oriented Low-rate Denial of Service (LDoS) attack detection method based on time-frequency characteristics of traffic data is proposed. All the traffic data flowing through the Web server is acquired by the collection and storage system, the original traffic data is divided into multiple flow segments by the preprocessing module, and the simple statistical features of several data packets in the flow are extracted by the analysis tool to form the detection sequence. The deep neural network is used to learn the potential time-frequency domain connection in the normal feature sequence and generate the reconstructed sequence. The discrimination module discriminates against the LDoS attack according to the difference between the reconstructed sequence and the input data in the time-frequency domain. The experimental results show that the proposed method can accurately detect the attack features in the stream segments in a very short time, and can achieve high detection accuracy for complex and diverse LDoS attacks. Because only the statistical characteristics of data packets are used, it is not necessary to analyze the data in the packets, which can be adapted to different network environments.