Indirect distributed denial of service attack defense method and system based on Web agency

A distributed denial and indirect technology, applied in the field of network communication, can solve the problem that the victim server cannot establish a cooperative relationship with the server, the attack behavior is difficult to be detected and filtered by the DDoS defense system, and the server is difficult to rely on the intermediate Web proxy security settings to be attacked, etc.

Inactive Publication Date: 2012-05-02
SUN YAT SEN UNIV
View PDF2 Cites 23 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] Second, because the existing Internet lacks an effective cooperation mechanism, it is difficult for the victim server to rely on the security settings of the intermediate Web proxy to avoid being attacked
[0007] Third, for the server at the victim end, this type of attack is di

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Indirect distributed denial of service attack defense method and system based on Web agency
  • Indirect distributed denial of service attack defense method and system based on Web agency
  • Indirect distributed denial of service attack defense method and system based on Web agency

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0060] The present invention will be described in detail below with reference to the accompanying drawings.

[0061] The present invention adopts following several technologies:

[0062] 1. Extract the spatio-temporal locality of the network flow

[0063]The network flow sent by a given web proxy to the server is called proxy-to-server (P2S), and P2S is the external manifestation of the interaction between a web proxy and the server. Through the mining and analysis of P2S, the potential behavior characteristics of Web proxy can be found, which can provide reference for attack defense.

[0064] In the present invention, the observable structural properties of P2S need to meet two requirements: (1) it can characterize the essential properties of P2S, and has nothing to do with the Web content / URL on the server; (2) it can consume the target in the attack flow The server has previously extracted this attribute, enabling early detection. For this reason, the present invention u...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to an indirect distributed denial of service attack defense method and an indirect distributed denial of service attack defense system based on a Web agency. A behavior characteristic of a proxy-to-server network flow is described by extracting the space-time local property of the proxy-to-server network flow; the interference of a small-probability large value on an available signal is restrained by a nonlinear mapping function; a normal behavior model of the proxy-to-server network is constructed through a hidden semi-markov model (HsMM); normal degree estimation, namely long-time behavior estimation and short-time behavior estimation, under different time scales is performed by using behavior indexes acquired by the model; as to an abnormal behavior sequence (HTTP request sequence), an attack response is implemented by adopting a soft control method; and the basis of the soft control represents an HsMM model parameter and a structure index which are used for performing a normal behavior. The parameter for describing the proxy-to-server network is the space-time local property which is irrelevant to the change of the Web content on a target server; and the detection property of the method is the nature property based on the agent network flow and irrelevant to the size of the attack flow. By the method, the attack response can be realized before the resources of the target server are used by the attack flow, so that early detection can be realized effectively.

Description

technical field [0001] The invention relates to the technical field of network communication, in particular to a Web proxy-based indirect distributed denial-of-service attack defense method and system. Background technique [0002] Distributed Denial of Service (DDoS) attack is a constantly evolving attack method. [0003] The invention provides an effective server-side defense method for a novel DDoS attack mode. This new type of DDoS attack that the present invention pays attention to is different from the traditional direct attack behavior, and it adopts the Web proxy widely distributed on the Internet as the springboard of the attack. Because this attack method utilizes the characteristics of the HTTP protocol to achieve the purpose of supply, in this invention, we call this type of attack "DDoS attack based on Web proxy". [0004] Such as figure 1 As shown, the DDoS attack mode based on Web proxy includes the following two steps: (1) The attacker generates HTTP reque...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L29/08H04L12/26
Inventor 谢逸
Owner SUN YAT SEN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap