| 基于行为分布的DDoS攻击检测方法 |
| |
| 引用本文: | 赵英,黄文宇.基于行为分布的DDoS攻击检测方法[J].北京化工大学学报(自然科学版),2011,38(2):108-112. |
| |
| 作者姓名: | 赵英 黄文宇 |
| |
| 作者单位: | 北京化工大学,信息科学与技术学院,北京,100029;北京化工大学,信息科学与技术学院,北京,100029 |
| |
| 摘 要: | 分布式拒绝服务(distributed denial of service,DDoS)攻击能够在短时间内产生巨量的数据包耗尽目标主机或网络的资源,经过研究发现这些伪造的数据包在一个特定的时间内有着合法数据包所不具备的函数特点。因此,本文提出了行为分布的模型,一旦有可疑流流入服务器,则开始计算这些可疑流的行为分布差异,如果该差异小于一个设定的阈值,则判断有DDoS攻击发生;反之则为合法的数据访问。根据NS-3的模拟实验,证明该模型能够有效的从合法访问中区分出DDoS攻击流,对提前控制DDoS攻击的发生具有重要的意义。
|
| 关 键 词: | DDoS攻击 行为分布 行为分布差异 熵检测 |
| 收稿时间: | 2010-04-12 |
A method for detecting distributed denial of service attacks based on behavior distribution |
| |
| ZHAO Ying HUANG WenYu.A method for detecting distributed denial of service attacks based on behavior distribution[J].Journal of Beijing University of Chemical Technology,2011,38(2):108-112. |
| |
| Authors: | ZHAO Ying HUANG WenYu |
| |
| Institution: | College of Information Science and Technology, Beijing University of Chemical Technology, Beijing 100029, China |
| |
| Abstract: | A distributed denial of service(DDoS) attack is a common network attack and it is difficult to prevent.A DDoS attack usually generates a huge amount of packages in a very short time and exhausts the resources of the host and network which are attacked.Consequently,DDoS attack is a great threat to the stability of high-speed networks.Many studies have shown that the attack packages are generated by one or several functions.Therefore,the attack packages always share some features that valid packages do not ha... |
| |
| Keywords: | DDoS attack behaviour distribution difference in behaviour distribution entropy detection |
| 本文献已被 CNKI 万方数据 等数据库收录! |
| 点击此处可从《北京化工大学学报(自然科学版)》浏览原始摘要信息 |
| 点击此处可从《北京化工大学学报(自然科学版)》下载免费的PDF全文 |
