Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Application layer DDOS (distributed denial of service) attack and defense method

A distributed rejection, application layer technology, applied in transmission systems, electrical components, etc., can solve the problems of difficult operation, high cost, and high time and space complexity

Inactive Publication Date: 2012-08-15
SHANDONG UNIV
View PDF3 Cites 19 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Some methods have high space-time complexity and are difficult to run in a production environment, such as algorithms based on the DOW model or statistical anomaly detection model; some methods will affect the normal operation of the network and are expensive, such as the "Speak Out" strategy; The method will affect the user's browsing experience, such as the "Puzzle" mechanism

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Application layer DDOS (distributed denial of service) attack and defense method
  • Application layer DDOS (distributed denial of service) attack and defense method
  • Application layer DDOS (distributed denial of service) attack and defense method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0049] The present invention will be further described below in conjunction with the drawings and embodiments.

[0050] figure 2 , The application layer DDoS defense equipment is the equipment that adopts this method and is deployed at the intranet egress. Access traffic from the external network is first protected and filtered by the defense device, and then processed by the firewall or directly enters the application server.

[0051] This method can also be implemented directly in the firewall device and becomes a part of the firewall function.

[0052] The specific steps of the present invention are:

[0053] 1. Training phase

[0054] 1-1). Take the normal access traffic of the server during peak hours as training data, and only need the traffic from the client to the server. Prepare two 1000×1000 all-zero matrices S and M;

[0055] 1-2) When the incoming traffic arrives, classify the traffic according to the four-tuple (source / destination IP address, destination port, protocol nu...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to an application layer DDOS (distributed denial of service) attack and defense method, which is easy to realize, is low in time complexity and high in accuracy, is transparent to users, and has no influence on the user visit. The method provided by the invention is divided to two stages of a training stage and a work stage. In the training stage, real and legal visit flow is adopted as training data to generate a standard array used for real-time detection and protection of the work stage. According to the invention, application layer DDOS equipment needs to be arranged in front of an application server in series, so that the visit flow can be filtered through a defense device before entering the server.

Description

Technical field [0001] The invention relates to a computer network security technology, in particular to an application layer DDoS distributed denial of service attack defense method. Background technique [0002] Application-layer DDoS attacks have become popular in recent years. Similar to traditional network-layer DDoS, application-layer DDoS attacks also aim at the victim's inability to provide services to the outside world, but there are obvious differences in their implementation. Compared with network layer DDoS, the message data of application layer DDoS attacks is no different from normal communication, and does not have the statistical characteristics of traditional DDoS attacks. Therefore, network layer DDoS defense algorithms cannot deal with application layer DDoS attacks. [0003] Kandula et al. [Srikanth Kandula, Dina Katabi, Matthias Jacob, Arthur B. Botz-4-sale: surviving organized DDoS attacks that mimic flash crowds. Proceedings of the 2nd conference on Symposium...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
Inventor 王风宇鄢海涛林丰波陈传通
Owner SHANDONG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products