DDoS Attack Security Situation Assessment Model Using Fusion Feature Based on Fuzzy C-Means Clustering Algorithm

摘要

DDoS attacks have impaired the network availability seriously in the new network environment and the traditional network situation assessment methods cannot effectively evaluate the DDoS attack security situation. In this paper, a DDoS attack security situation assessment model using fusion feature based on Fuzzy C-means (FCM) clustering algorithm has been proposed. This model generates a fusion feature according to network flow changes in IP address of old and new users, and calculates the risk index of each network node on the basis of fusion feature and obtains the security situation information of the whole network by fusing the risk indexes of all network nodes, and clusters the fusion situation information with FCM into five security levels, so as to quantitatively evaluate the DDoS attack security situation of the whole network through the proposed situation risk degree recognition model. Experiments on real DDoS data show that the proposed model can assess the DDoS attack security situation reasonably and effectively and be more flexible than non-fuzzy methods.