摘要
本文提出了一种新型的基于网络流量自相似性的 DDoS 防护机制,给出了该机制的体系结构,其中包括攻击检测、路径定位、特征提取、生成响应策略、实时响应、处理结束等步骤。并在此基础上,对其数据结构和工作机制进行详细的分析和设计。实验证明此方法能够较好地对 DDoS 攻击加以检测和防护,比传统的基于特征匹配的 DDoS 入侵防护方法具有较好的性能。
This paper presents a new defense mechanism of DDoS based on Self-similarity of Network Traffics based on analysis of parameter of Self-similar, first we design a system architecture for it, includes attack detection, route-tracing, characteristic- refining, and so on. And then we mostly research it's data structure and working mechanism. As it showed by the research result this mechanism can detected and defend on DDoS attack, and is more reliable on the recognition of all kinds of DDoS attack than any other method based on character recognize.
出处
《计算机科学》
CSCD
北大核心
2006年第3期101-104,共4页
Computer Science
基金
本文由电子科技大学青年基金支持
