DDOS Attack Detecting and Defending Model

Cited by: 34
Abstract: This paper presents the APA-ANTI-DDoS (aggregate-based protocol analysis anti-DDoS) model for detecting and defending against DDoS attacks. The APA-ANTI-DDoS model consists of an abnormal traffic aggregate module, a protocol analysis module and a traffic processing module. The abnormal traffic aggregate module classifies network traffic into normal traffic and abnormal traffic; the protocol analysis module looks for the features of DDoS attack traffic within the abnormal traffic; the traffic processing module filters the abnormal traffic according to the current DDoS attack traffic features, and tests the congestion control behaviour of the current aggregated traffic in order to restore traffic that was misjudged. The paper then implements the APA-ANTI-DDoS system. The experimental results show that the APA-ANTI-DDoS model identifies and defends against DDoS attacks well, and can restore non-attack traffic when it has been misjudged, guaranteeing legitimate normal network communication.

Source: Journal of Software (《软件学报》); indexed in EI, CSCD, PKU Core; 2007, Issue 9, pp. 2245-2258 (14 pages).

Funding: Supported by the National Natural Science Foundation of China under Grant No.60572131; the Key Technologies R&D Program of Jiangsu Province of China under Grant No.BE2007058; the Scientific Research Foundation for the Returned Overseas Chinese Scholars, Ministry of Education of China and Nanjing Government; the Scientific Development Foundation of Government (Nanjing Science and Technology Development Plan); the Scientific Research Foundation of NJUPT under Grant No.NY206008; the Scientific Research Foundation of ZTE and Huawei Corporation of China.

Keywords: distributed denial of service attack; congestion control; flood attack; aggregate; abnormal traffic; protocol analysis