[1]杨海亮,李震,马天丁,等. 一种DDoS攻击复合式检测方法的研究[J].计算机技术与发展,2015,25(07):111-115.
 YANG Hai-liang,LI Zhen,MA Tian-ding,et al. Research on a Hybrid DDoS Intrusion Detection Method[J].,2015,25(07):111-115.
点击复制

 一种DDoS攻击复合式检测方法的研究()
分享到:

《计算机技术与发展》[ISSN:1006-6977/CN:61-1281/TN]

卷:
25
期数:
2015年07期
页码:
111-115
栏目:
安全与防范
出版日期:
2015-07-10

文章信息/Info

Title:
 Research on a Hybrid DDoS Intrusion Detection Method
文章编号:
1673-629X(2015)07-0111-05
作者:
 杨海亮李震马天丁胡毅
 南京水利科学研究院
Author(s):
 YANG Hai-liang LI Zhen MA Tian-ding HU Yi
关键词:
 分布式拒绝服务攻击自相似性重尾特性突发业务流
Keywords:
 DDoSself-similarityheavy-tail propertyburst traffic
分类号:
TP393.08
文献标志码:
A
摘要:
 分布式拒绝服务攻击( DDoS)严重影响着网络安全,给网络的应用和发展带来了极大危害。目前,网络流量的自相似性、时间序列分析等已经成为DDoS攻击检测中重要的策略和技术。但是,当这些策略和技术单独使用时,DDoS攻击检测效果并不十分理想。文中提出一种利用网络单边连接密度( OWCD)、网络重尾特性、累积欧几里得距离等方法的复合式检测方法。运用该复合式DDoS攻击检测方法进行DDoS攻击检测时,能有效地区分出正常流量、DDoS攻击流量与突发业务流量,从而提高了DDoS攻击的检测效率。
Abstract:
 Distributed Denials of Service ( DDoS) attacks have done great harm to the application and the development of Internet. Cur-rently,the self-similarity of network traffic and time series analysis have been the important strategies and technologies of DDoS attacks detection. But when these strategies and technologies are used individually,the results of DDoS detection are not ideal. A hybrid DDoS in-trusion detection method by the OWCD,heavy-tail property and accumulated Euclidean distance is proposed. The result shows that apply-ing the method to detect DDoS attacks,it could distinguish DDoS attacks traffic from normal traffic and burst traffic,to improve the detec-tion rate.

相似文献/References:

[1]叶小涛 吕爱丽 赵林.基于源-目的端ISP包标记方案研究[J].计算机技术与发展,2009,(04):98.
 YE Xiao-tao,LU Ai-li,ZHAO Lin.Research of Packet Marking Scheme Based on Source and Destination- End ISP[J].,2009,(07):98.
[2]李金良 王文国 何裕友.一种基于历史信任数据的DDOS防御模型[J].计算机技术与发展,2007,(07):160.
 LI Jin-liang,WANG Wen-guo,HE Yu-you.A Model Based on Historical Trusted Data to Defense DDOS[J].,2007,(07):160.
[3]孙知信 焦琳 姜举良.混合二次网络流量异常状态模型研究[J].计算机技术与发展,2007,(03):153.
 SUN Zhi-xin,JIAO Lin,JIANG Ju-liang.Research on Mixed Quadratic Network Traffic Abnormal States Model[J].,2007,(07):153.
[4]张志宏,吴庆波,邵立松,等.基于飞腾平台TOE协议栈的设计与实现[J].计算机技术与发展,2014,24(07):1.
 ZHANG Zhi-hong,WU Qing-bo,SHAO Li-song,et al. Design and Implementation of TCP/IP Offload Engine Protocol Stack Based on FT Platform[J].,2014,24(07):1.
[5]梁文快,李毅. 改进的基因表达算法对航班优化排序问题研究[J].计算机技术与发展,2014,24(07):5.
 LIANG Wen-kuai,LI Yi. Research on Optimization of Flight Scheduling Problem Based on Improved Gene Expression Algorithm[J].,2014,24(07):5.
[6]黄静,王枫,谢志新,等. EAST文档管理系统的设计与实现[J].计算机技术与发展,2014,24(07):13.
 HUANG Jing,WANG Feng,XIE Zhi-xin,et al. Design and Implementation of EAST Document Management System[J].,2014,24(07):13.
[7]侯善江[],张代远[][][]. 基于样条权函数神经网络P2P流量识别方法[J].计算机技术与发展,2014,24(07):21.
 HOU Shan-jiang[],ZHANG Dai-yuan[][][]. P2P Traffic Identification Based on Spline Weight Function Neural Network[J].,2014,24(07):21.
[8]李璨,耿国华,李康,等. 一种基于三维模型的文物碎片线图生成方法[J].计算机技术与发展,2014,24(07):25.
 LI Can,GENG Guo-hua,LI Kang,et al. A Method of Obtaining Cultural Debris’ s Line Chart Based on Three-dimensional Model[J].,2014,24(07):25.
[9]翁鹤,皮德常. 混沌RBF神经网络异常检测算法[J].计算机技术与发展,2014,24(07):29.
 WENG He,PI De-chang. Chaotic RBF Neural Network Anomaly Detection Algorithm[J].,2014,24(07):29.
[10]刘茜[],荆晓远[],李文倩[],等. 基于流形学习的正交稀疏保留投影[J].计算机技术与发展,2014,24(07):34.
 LIU Qian[],JING Xiao-yuan[,LI Wen-qian[],et al. Orthogonal Sparsity Preserving Projections Based on Manifold Learning[J].,2014,24(07):34.

更新日期/Last Update: 2015-09-07