摘要
针对传统方法难以实时有效地检测分布式拒绝服务攻击(DDoS)的问题,通过DDoS攻击的基本特征分析,从理论上严格区分了DDoS攻击流和正常突发流,并且在此基础上提出了一种基于特征参数相关性的DDoS攻击检测算法。该算法能在早期检测出DDoS攻击流,而这时的DDoS攻击包特征并不明显,并且该算法能有效地区分DDoS攻击流和正常的突发流。实验结果表明了该算法的有效性和精确性。
As traditional methods can not effectively detect DDoS attacks in time, DDoS attacking traffic is distinguished from normal flash crowd traffic on theory by analyzing the basic features ofa DDoS and a DDoS attack detecting algorithm based on that is proposed according to the analysis of the essential characteristic of DDoS. The scheme detect a DDoS attack traffic in its early stages when the attacking packet' s attribute value has no distinct features. It can differentiate DDoS from normal burst traffic. The simulation shows the algorithm' s validity and accuracy.
出处
《计算机工程与设计》
CSCD
北大核心
2010年第1期34-36,40,共4页
Computer Engineering and Design
基金
国防预研基金项目(A1420061266)
