检测SYN洪水攻击的动态模型

A Dynamic Model for Detecting SYN Flooding Attack

分布式拒绝服务攻击对 Internet威胁很大。正常服务器在这种攻击下资源会被很快消耗掉 ,从而不能为合法用户提供服务。本文提出了一个简单实用的动态检测模型用于检测 SY N洪水攻击 ,可以实时有效和准确地检测到最为流行的SYN洪水攻击。在模型中采用基于 CU SU M(Cumulative Sum)的自调整算法 。

Distributed denial of service attack forms a prolific threat to Internet. The resources of servers are quickly consumed under such an attack, making them unav ailable to legitimate users. In this paper, we present a simply and applied dyn amic model for detecting SYN flooding attack, which is the most popular DOS atta ck. It can detect SYN flooding attack in real time effectively and accurately. We adapt a selfadaptive algorithm that is based on CUSUM (Cumulative S um) algorithm to decrease the ratio of false alarm.