摘要
DDOS攻击是当前网络安全的最大威胁之一。将分布式检测技术与流量控制技术相结合提出了一种D&SFC(Distributed and Simple Flow Control)DDOS攻击检测框架,即具有简单流量控制功能的分布式DDOS检测框架。其特点是利用多层次的结构,结合包过滤及带宽控制技术,在网络拓扑的不同节点上实现网络流量的简单控制,在进行DDOS攻击检测的同时降低了攻击数据包对网络性能的影响。
DDOS attack has became one of the rigorous network security threats. The paper introduces a D&SFC ( Distributed and Simple Flow Control) DDOS attack detection framework on the combination of distributed detection and flow control techniques, to make the distributed DDOS detection framework with simple flow control function. By using multiple layer structure, packet filtering and bandwidth controlling techniques as its specialities, the framework realized simple network flow control at different points in net topology. When detecting DDOS attacks it decreased the impacts of attack packets on network performance.
出处
《计算机应用与软件》
CSCD
北大核心
2008年第6期6-7,18,共3页
Computer Applications and Software
基金
国家"八六三"高技术研究发展计划重大项目(2005AA145110)
上海浦东科技创新公共服务平台重大项目(PDPT2005-04)资助
国家"八六三"高技术研究发展计划信息安全增值服务平台(东部)(2005AA145110)
