Research on Application Layer DDoS Attack Detection (cited by: 3)
Abstract: As techniques for detecting lower-layer DDoS attacks have matured, DDoS attacks have increasingly moved to the application layer. Because application-layer protocols are complex, application-layer DDoS attacks are stealthier and more destructive, and harder to detect. This paper studies the traffic characteristics of normal users accessing a web server and those of application-layer DDoS attacks, and takes the time interval between requests within a fixed time window, together with the pages visited, as features. Because normal user sessions and bot attack sessions exhibit different characteristics, a spectral-clustering-based detection method is proposed that clusters sessions to detect attacks. Experimental results show that the detection algorithm has good detection performance.
Author: Xiong Jun (熊俊)
Affiliation: Hunan Police Academy (湖南警察学院)
Source: 《信息安全与技术》 (Information Security and Technology), 2012, No. 9, pp. 52-55 (4 pages)
Keywords: DDoS; application layer; clustering; anomaly detection