Denial of service attack defense method and system based on data mining technology

Data mining technology is applied to denial of service attack defense in the Internet field. It addresses problems such as poor practical applicability, provides a reliable filtering mechanism and reduces manual intervention.

Inactive Publication Date: 2009-03-11
UNIV OF ELECTRONIC SCI & TECH OF CHINA

AI Technical Summary

Problems solved by technology

The system has a good defense effect, but it needs to be depl


Embodiment Construction

[0019] In order to make the purpose, technical solution, and advantages of the present invention clearer, the technical solution of the present invention will be further described in detail below with reference to the accompanying drawings.

[0020] Figure 1 shows the system flowchart of the defense system of the present invention.

[0021] The defense system is based on anomaly detection (101) of DoS/DDoS attacks. Anomaly detection (101) uses a covariance analysis method and performs a secondary evaluation of the detection results to make the judgment more accurate, so that DoS/DDoS attacks are detected effectively and in real time. According to random sampling theory and the system's abnormal-status flag, network traffic is randomly sampled into the normal traffic database and the abnormal traffic database on the database server, providing a reliable data source for the defense model.
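An added sketch of the detection step in [0021] (not code from the patent): it compares each window's covariance matrix with a baseline, confirms an anomaly only after consecutive suspicious windows, and randomly samples packets into normal and abnormal stores. The (SYN, ACK, FIN) features, the Frobenius distance, the threshold, the two-window confirmation rule and all names are assumptions, since the page does not specify them.

```python
import random

def cov(rows):
    """Sample covariance matrix of feature vectors (one row per time slot)."""
    n, d = len(rows), len(rows[0])
    mu = [sum(r[j] for r in rows) / n for j in range(d)]
    return [[sum((r[i] - mu[i]) * (r[j] - mu[j]) for r in rows) / (n - 1)
             for j in range(d)] for i in range(d)]

def dist(a, b):
    """Frobenius distance between two covariance matrices."""
    return sum((x - y) ** 2 for ra, rb in zip(a, b) for x, y in zip(ra, rb)) ** 0.5

class CovarianceDetector:
    def __init__(self, baseline, threshold, confirm=2, rate=0.5, seed=1):
        self.base, self.threshold = cov(baseline), threshold
        self.confirm, self.rate = confirm, rate      # assumed tuning parameters
        self.streak, self.rng = 0, random.Random(seed)
        self.normal_db, self.abnormal_db = [], []    # stand-ins for the two traffic databases

    def observe(self, window, packets):
        """Score one window, sample its packets, return True once an attack is confirmed."""
        suspicious = dist(cov(window), self.base) > self.threshold
        self.streak = self.streak + 1 if suspicious else 0
        abnormal = self.streak >= self.confirm       # secondary evaluation (assumed rule)
        if abnormal or not suspicious:               # unconfirmed windows are not sampled
            db = self.abnormal_db if abnormal else self.normal_db
            db.extend(p for p in packets if self.rng.random() < self.rate)
        return abnormal

# Constructed sample data: (SYN, ACK, FIN) counts per time slot.
BASELINE = [(10, 50, 9), (12, 55, 11), (9, 48, 9), (11, 52, 10), (10, 51, 10)]
QUIET = [(11, 53, 10), (10, 49, 9), (12, 54, 11), (9, 50, 9)]
FLOOD = [(400, 60, 10), (900, 55, 9), (150, 58, 11), (700, 50, 10)]

def demo(rate=1.0):
    det = CovarianceDetector(BASELINE, threshold=50.0, rate=rate)
    verdicts = [det.observe(QUIET, ["192.0.2.10", "192.0.2.11"]),
                det.observe(FLOOD, ["198.51.100.7"]),
                det.observe(FLOOD, ["198.51.100.8"])]
    return verdicts, det.normal_db, det.abnormal_db

if __name__ == "__main__":
    print(demo())
```

Skipping the sampling of suspicious but unconfirmed windows keeps the first flood window out of the normal store, which matters if a trusted IP list is later mined from it.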

[0022] In addition to the anomaly detection module (101), the defense...


Abstract

The invention discloses a DoS attack defense method based on data mining technology and a system thereof. The system comprises an anomaly detection module, a data mining engine module, a trusted IP list filter module and a flow control module. The anomaly detection module uses an efficient covariance analysis method to analyze the current network traffic and judge whether the system is currently abnormal; the data mining engine module uses a correlation analysis method to extract a trusted IP list that is used to filter data packets. The system overcomes the shortcomings of traditional systems based on trusted IP list filtering and can effectively distinguish normal traffic from abnormal traffic when defending against an attack. The data mining engine module extracts and transmits the trusted IP list and the attribute value list efficiently, so that the system can defend against denial of service attacks (DoS/DDoS) in real time.

Description

Technical field

[0001] The invention relates to Internet technology, in particular to a denial of service attack defense method and system based on data mining technology.

Background art

[0002] Denial of service (DoS) attacks and distributed denial of service (DDoS) attacks are currently common network attack methods. Such an attack consumes the bandwidth of the attacked network and the service resources of the attacked host by sending a large number of forged service requests, thereby drowning out legitimate services. DDoS attacks are especially difficult to defend against: the controlled hosts are themselves distributed and the attack packets use pseudo-random IP addresses, so the attackers are better concealed. It is therefore urgent to study a defense model and mechanism that can effectively resist DDoS attacks.

[0003] Data mining technology has certain applications in the field of detection and defense of distributed denial of servic...


Application Information

IPC(8): H04L9/00, H04L12/56, H04L29/06
Inventor: 何兴高, 童彬, 秦志光, 周世杰, 赵洋, 蓝天
Owner UNIV OF ELECTRONIC SCI & TECH OF CHINA