Research And Design Of A DDoS Attacks Detection System Based On Hadoop

With the excellent advantages of cloud computing,it has attracted significant concern from enterprises and users in recent years.Especially,the network reliability and application security become the key techniques of cloud computing.For the main threats to the large scale network security,the DDoS attack has been one of the vital issues of nerwork security.According to the characteristics and benefits of cloud computing,this paper proposes a DDoS attacks detection system based on Hadoop.Traditional DDoS attacks detection systems are emphasis on the accuracy.Its data processing and flexible adaptive capability are insufficient,therefore,the systems are not suitable for the dynamic and varied cloud environment.Thus,the paper proposes a DDoS attacks detection systems which is distributed,extendible and suitable for cloud.The system can realize the data compaction and fusion of numerous multi-source data,and then it can manage and analyse data uniformly.Building modular design,each module is independent in fuction.As basing on Hadoop,the system can fast mining high value information from all kinds of data.Therefore,there is not only powerful processing capability,but also good scalability.The central method for the DDoS attacks detection system based on Hadoop is using the decision tree algorithm,which is the efficient data mining method in KDD.When creating a decision tree,the classical ID3 decision tree algorithm has the weakness that is the loose connection between two nodes,furthermore,it tends to choose the attribute which has more values.On the one hand,the paper proposes a new decision tree algorithm based on mutual information entropy.As improving the traditional attribute selection criteria,the mutual information entropy remedies the limitation of the existing information entropy.On the other hand,with the system basing on cloud computing,the calculation of the mutual information entropy is paralleled so the efficiency of the algorithm is improved.In conclusion,the paper puts forward a DDoS attacks detection system based on Hadoop.Using the parallel decision tree method based on mutual information,the system realizes to detect DDoS attacks from the numerous multi-source data.Through the Hadoop platform to complete the simulation experiment,the experimental results show that it has high accuracy compared to other DDoS attacks detection system.Inaddition,through the MapReduce processing framework,the efficiency of the DDoS attacks detection algorithm is improved.