摘要
提出了一种基于用户信誉值防御DDoS攻击协同(CDDACR,cooperation defense DDoS attack based on client reputation)模型来检测和防御DDoS攻击。该模型在逻辑上由2个检测代理构成:路由器端的RDA(router detection agent)和服务器端的SDA(server detection agent)。RDA对用户数据流进行粗粒度检测,旨在过滤具有明显DDoS攻击特征的恶意数据流;SDA对用户数据流进行细粒度检测,检测并过滤恶意的狡猾攻击和低流量攻击,RDA和SDA协同工作来实时监测网络状况。实验结果表明,CDDACR模型能实时地识别和防御DDoS攻击,并且在异常发生时有效地阻止服务器被攻击的可能性。
The CDDACR (cooperation defense DDoS attack based on client reputation) model was presented to detect and defend the DDoS attack. Two detection agents made up of the CDDACR model logically: the RDA which set up on the router and the SDA which set up on the server. RDA coarse-grained detected the traffic to filter out the obvious unau- thorized clients' traffic; SDA fine-grained detected the client's traffic to identity the cunning attack and low-flow attack from the communication. Therefore, RDA and SDA together detected the client's network status in realtime. The experimental results show the CDDACR model can detect and defend the DDoS attack in realtime, and reduce the probability of server be attacked when the network is on the abnormity.
出处
《通信学报》
EI
CSCD
北大核心
2009年第3期12-20,共9页
Journal on Communications
基金
国家自然科学基金资助项目(60873203)
河北省自然科学基金资助项目(F2008000646)
河北省教育厅自然科学基金重点项目(ZH2006006)~~
