Estimates of the Complexity of Detecting Types of DDOS Attacks
Authors: N. Ignatev, E. Navruzov
Journal: International Journal of Computing (Journal Article)
Publication date: 2022-12-31
DOI: 10.47839/ijc.21.4.2779 (https://doi.org/10.47839/ijc.21.4.2779)
The problem of substantiating decisions made in the field of information security through estimates of the complexity of detecting types of DDOS attacks is considered. Estimates are a quantitative measure of a particular type of attack relative to normal network operation traffic data in its own feature space. Own space is represented by a set of informative features. To assess the complexity of detecting types of DDOS attacks, a measure of compactness by latent features on the numerical axis was used. The values of this measure were calculated as the product of intraclass similarity and interclass difference. It is shown that compactness in terms of latent features in its own space is higher than in the entire space. The values of latent features were calculated using the method of generalized estimates. According to this method, objects of normal traffic and a specific type of attack are considered as opposition to each other. An informative feature set is the result of an algorithm that uses the rules of hierarchical agglomerative grouping. At the first step, the feature with the maximum weight value is included in the set. The grouping rules apply the feature invariance property to the scales of their measurements. An analysis of the complexity of detection for 12 types of DDOS attacks is given. The power of sets of informative features ranged from 3 to 16.
About the journal:
The International Journal of Computing was established in 2002 on the basis of the Branch Research Laboratory for Automated Systems and Networks, renamed since 2005 as the Research Institute of Intelligent Computer Systems. The goal of the Journal is to publish papers with novel results in Computing Science, Computer Engineering, Information Technologies, Software Engineering and Information Systems within the Journal topics. The official language of the Journal is English; paper abstracts in both Ukrainian and Russian are also published there. The issues of the Journal are published quarterly. The Editorial Board consists of about 30 scientists recognized worldwide.