| 应用层DDOS攻击检测技术研究 |
| |
| 作者姓名: | 熊俊 |
| |
| 作者单位: | 湖南警察学院,湖南长沙,410138 |
| |
| 摘 要: | 随着检测底层DDoS攻击的技术不断成熟和完善,应用层DDoS攻击越来越多。由于应用层协议的复杂性,应用层DDoS攻击更具隐蔽性和破坏性,检测难度更大。通过研究正常用户访问的网络流量特征和应用层DDoS攻击的流量特征,采用固定时间窗口内的请求时间间隔以及页面作为特征。通过正常用户和僵尸程序访问表现出不同的特点,对会话进行聚类分析,从而检测出攻击,经过实验,表明本检测算法具有较好的检测性能。
|
| 关 键 词: | DDOS 应用层 聚类 异常检测 |
Research on Application Layer DDoS Attack Detection |
| |
| Authors: | Xiong Jun |
| |
| Affiliation: | Xiong Jun (Hunan Police Academy HunanChangsha 410138) |
| |
| Abstract: | With the maturity of the low-level detection of DDoS attacks, DDoS attacks gradually transferred to the application layer. Because of the complexity of the application layer protocol, application layer DDoS attacks more destructive, and more subtle to detect. This paper studies the normal user' traffic characteristics of accessing the web server and traffic characteristics of the DDoS attacks flow. Take the time interval between two requests and the web pages visited as a feature, normal user session and bots attack sessions showed different characteristics, we propose a spactral clustering based dection method, to find out DDoS attacks. The experimental results show that the detection algorithm has better detection performance. |
| |
| Keywords: | DDoS application layer clustering anomaly detection |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
