| 基于网络连接统计的分布式拒绝服务攻击检测 |
| |
| 引用本文: | 吴庆涛,张有根,邵志清.基于网络连接统计的分布式拒绝服务攻击检测[J].华东理工大学学报(自然科学版),2006,32(5):583-586. |
| |
| 作者姓名: | 吴庆涛 张有根 邵志清 |
| |
| 作者单位: | 1. 华东理工大学计算机科学与工程系,上海,200237
2. 上海新侨职业技术学院计算机信息系,上海,200237 |
| |
| 基金项目: | 中国科学院资助项目
,
上海市浦江人才计划 |
| |
| 摘 要: | 分析了分布式拒绝服务(D istributed D en ial of Serv ice,DDoS)攻击原理及其攻击特征,提出了一种基于网络连接统计的DDoS攻击检测方法。该方法利用DDoS攻击的固有特性,从网络连接数据的统计分析中探寻系统正常行为的特征分布,建立DDoS攻击检测模型。通过模拟攻击实验验证了检测方法的可行性。实验结果表明:该方法能快速有效地实现对DDoS攻击的检测,并对其他网络安全检测研究具有一定的指导意义。
|
| 关 键 词: | 分布式拒绝服务 网络连接 统计分析 网络安全 攻击检测 |
| 文章编号: | 1006-3080(2006)05-0583-04 |
| 收稿时间: | 2005-04-25 |
| 修稿时间: | 2005年4月25日 |
Detecting DDoS Attacks Based on Network Connection Statistics |
| |
| WU Qing-tao,ZHANG You-gen,SHAO Zhi-qing.Detecting DDoS Attacks Based on Network Connection Statistics[J].Journal of East China University of Science and Technology,2006,32(5):583-586. |
| |
| Authors: | WU Qing-tao ZHANG You-gen SHAO Zhi-qing |
| |
| Abstract: | Distributed Denial-of-Service(DDoS) attacks are a major threat to availability of computer networks.In this paper,a novel scheme for early detection of DDoS attacks is proposed,which is involved with probability distributions of normal behavior on computer networks and DDoS attacks detection(model).The scheme employed statistical analysis of data from network connections to generate the pro-(bability) distributions of normal network connections.Based on the probability distributions,DDoS attacks detection model is presented.The feasibility of the scheme is validated through the simulated test.The(experimental) results show the effectiveness of our scheme in detecting DDoS attacks.Also,this scheme(provides) some directed sense for other network security detection research. |
| |
| Keywords: | distributed denial of service network connection statistical analysis network security attack detection |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
