摘要： 为准确及时检测DDoS攻击，在研究小波分析法检测DDoS攻击的基础上，提出一种基于主成分分析法和小波分析法的自适应DDoS检测方法，设计采用该方法检测DDoS攻击的模型及算法，分析其增大正常网络流量与异常网络流量之间Hurst参数差值的原因。实验结果表明，该方法减弱了检测结果对门限值的依赖性，提高检测率，防止漏报、误报情况的发生，且由于网络数据维数的降低，该方法大幅提高了检测速度。

关键词: 分布式拒绝服务, 网络自相似, 小波分析, 主成分分析

Abstract: In order to detect Distributed Denial of Service(DDoS) attack accurately and timely, a new detection method based on Principle Component Analysis(PCA) and wavelet analysis is proposed. Software model and algorithm for detection of DDoS attack is presented. In addition, key reasons for the change of the Hurst’s value in the new method are analyzed. Experimental results show the method reduces the dependence for threshold, promotes the detection rate, avoids the situation of fail report and distort. It also improves the detection speed.

Key words: Distributed Denial of Service(DDoS), network self-similarity, wavelet analysis, Principle Component Analysis(PCA)

中图分类号: 

• TP301.5