| 基于网络连接分析的DDoS攻击检测模型 |
| |
| 引用本文: | 吴庆涛,邵志清,钱夕元.基于网络连接分析的DDoS攻击检测模型[J].计算机工程,2006,32(10):135-136,166. |
| |
| 作者姓名: | 吴庆涛 邵志清 钱夕元 |
| |
| 作者单位: | 1. 华东理工大学计算机科学与工程系,上海,200237
2. 华东理工大学理学院,上海,200237 |
| |
| 摘 要: | 分布式拒绝服务(Distmuted Denial of Service,DDoS)攻击是当前网络安全的主要威胁之一。通过对网络连接特征的分析,提出了一种DDoS攻击检测模型。该模型利用DDoS早期攻击阶段的固有特性,从网络连接数据的统计分析中探寻系统正常行为的分布规律并确定DDoS攻击检测阈值。最后,通过模拟攻击实验验证了检测模型的有效性。实验结果表明,该模型能快速有效地实现对早期DDoS攻击的检测,并对其他网络安全检测研究具有一定的指导意义。
|
| 关 键 词: | 分布式拒绝服务 统计分析 攻击检测 |
| 文章编号: | 1000-3428(2006)10-0135-02 |
| 收稿时间: | 2005-07-23 |
| 修稿时间: | 2005-07-23 |
A Detection Model for Distributed Denial of Service Attacks Based on Network Connection Analysis |
| |
| WU QINGtao,SHAO Zhiqing,QIAN Xiyuan.A Detection Model for Distributed Denial of Service Attacks Based on Network Connection Analysis[J].Computer Engineering,2006,32(10):135-136,166. |
| |
| Authors: | WU QINGtao SHAO Zhiqing QIAN Xiyuan |
| |
| Affiliation: | 1. Department of Computer Science and Engineering, East China University of Science and Technology, Shanghai 200237 ; 2. School of Science, East China University of Science and Teehnology, Shanghai 200237 |
| |
| Abstract: | Distributed denial of service (DDoS) attacks are major threats to availability of computer network. A detection model for early DDoS attacks is presented, which involves with probability distributions of normal behavior on computer network and DDoS attacks detection threshold. The model employs statistical analysis of data from network connections to find the probability distributions of normal behavior. Based on the probability distributions, the threshold is set for detecting attacks. Also, the feasibility of the scheme is validated through the simulated test. The experimental results show the effectiveness of the model in detecting DDoS attacks. Furthermore, this model provides some directed sense for other network security detection research. |
| |
| Keywords: | Distributed denial of service Statistical analysis Attack detection |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
