中文摘要：

低速率拒绝服务（LDoS,low-rate denial of service）攻击是一种降质服务（RoQ,reduction of quality）攻击,具有平均速率低和隐蔽性强的特点,它是云计算平台和大数据中心面临的最大安全威胁之一。提取了LDoS攻击流量的3个内在特征,建立基于BP神经网络的LDoS攻击分类器,提出了基于联合特征的LDoS攻击检测方法。该方法将LDoS攻击的3个内在特征组成联合特征作为BP神经网络的输入,通过预先设定的决策指标,达到检测LDoS攻击的目的。采用LDoS攻击流量专用产生工具,在NS2仿真平台和test-bed网络环境中对检测算法进行了测试与验证,实验结果表明通过假设检验得出检测率为96.68%。与现有研究成果比较说明基于联合特征的LDoS攻击检测性优于单个特征,并具有较高的计算效率。

英文摘要：

LDoS （low-rate denial of service） attack is a kind of RoQ （reduction of quality） attack which has the characte- ristics of low average rate and strong concealment. These characteristics pose great threats to the security of cloud com- puting platform and big data center. Based on network traffic analysis, three intrinsic characteristics of LDoS attack flow were extracted to be a set of input to BP neural network, which is a classifier for LDoS attack detection. Hence, an ap- proach of detecting LDoS attacks was proposed based on novel combined feature value. The proposed approach can speedily and accurately model the LDoS attack flows by the efficient self-organizing learning process of BP neural net- work, in which a proper decision-making indicator is set to detect LDoS attack in accuracy at the end of output. The pro- posed detection approach was tested in NS2 platform and verified in test-bed network environment by using the Linux TCP-kernel source code, which is a widely accepted LDoS attack generation tool. The detection probability derived from hypothesis testing is 96.68%. Compared with available researches, analysis results show that the performance of com- bined features detection is better than that of single feature, and has high computational efficiency.