Acta Metallurgica Sinica(English letters) ›› 2008, Vol. 15 ›› Issue (3): 59-63.doi:

• Wireless • Previous Articles     Next Articles

DDoS detection based on wavelet kernel support vector machine

YANG Ming-hui, WANG Ru-chuan   

  1. College of Computer, Nanjing University of Posts and Telecommunications, Nanjing 210003, China
  • Received:2007-10-10 Revised:1900-01-01 Online:2008-09-30


To enhance the detection accuracy and deduce false positive rate of distributed denial of service (DDoS) attack detection, a new machine learning method was proposed. With the analysis of support vector machine (SVM) and the wavelet kernel function theory, an admissive support vector kernel, which is a wavelet kernel constructed in this article, implements the combination of the wavelet technique with SVM. Then, wavelet support vector machine (WSVM) is applied to DDoS attack detections and as a classifying means to test the validity of the wavelet kernel function. Simulation experiments show that under the same conditions, the predictive ability of WSVM is improved and the computation burden is alleviated. The detection accuracy of WSVM is higher than the traditional SVM by about 4%, while its false positive is lower than the traditional SVM. Thus, for DDoS detections, WSVM shows better detection performance and is more adaptive to the changing network environment.

Key words:

wavelet kernel function;wavelet supporting vector machine;DDoS detection