Title: Multi-source network attack tracing method based on traffic characteristics

Authors: Hui Hong; Wei Yang; Bocheng Sun; Ling Zhang

Addresses: Education Technology and Information Centre, Shangqiu Medical College, Shangqiu, Henan Province, China; Education Technology and Information Centre, Shangqiu Medical College, Shangqiu, Henan Province, China; Teaching Affair Office of Shangqiu Medical College, Shangqiu, Henan Province, China; Education Technology and Information Centre, Shangqiu Medical College, Shangqiu, Henan Province, China

Abstract: In order to overcome the shortcomings of low accuracy in traditional methods for extracting traffic characteristics, low traceback accuracy and long duration, a multi-source network attack tracing method based on traffic characteristics is proposed. A network traffic data collection window is set up and traffic characteristics are extracted. Mutual information is used to achieve traffic feature selection. A hidden Markov model is utilised to determine the status of the multi-source network and hosts, and is combined with anomaly traffic detection for multi-source network attacks. Based on the detection results, the IP addresses of the originating hosts are traced and the results of multi-source network attack traceback are obtained. The experimental results show that the mean accuracy of traffic feature extraction in this method is 95.68%, the mean traceback accuracy is 97.25% and the time fluctuates between 0.22 s and 0.35 s.

Keywords: traffic characteristics; multi-source network attacks; traceback; feature selection; Hidden Markov model.

DOI: 10.1504/IJCAT.2024.143298

International Journal of Computer Applications in Technology, 2024 Vol.74 No.4, pp.258 - 266

Received: 15 Jan 2024
Accepted: 30 Apr 2024

Published online: 12 Dec 2024
