Unlock instant, AI-driven research and patent intelligence for your innovation.

Application layer DDOS (distributed denial of service) attack and defense method

A distributed rejection and application layer technology, applied in transmission systems, electrical components, etc., can solve problems such as high cost, affecting user browsing experience, and high time and space complexity

Inactive Publication Date: 2014-09-17
SHANDONG UNIV
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Some methods have high space-time complexity and are difficult to run in a production environment, such as algorithms based on the DOW model or statistical anomaly detection model; some methods will affect the normal operation of the network and are expensive, such as the "Speak Out" strategy; The method will affect the user's browsing experience, such as the "Puzzle" mechanism

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Application layer DDOS (distributed denial of service) attack and defense method
  • Application layer DDOS (distributed denial of service) attack and defense method
  • Application layer DDOS (distributed denial of service) attack and defense method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0049] The present invention will be further described below in conjunction with the accompanying drawings and embodiments.

[0050] figure 2 Among them, the application layer DDoS defense device is the device using this method, which is deployed at the egress of the internal network. Access traffic entering from the external network is first protected and filtered by the defense device, and then processed by the firewall or directly enters the application server.

[0051] The method can also be directly implemented in the firewall device and become a part of the firewall function.

[0052] Concrete steps of the present invention are:

[0053] 1. Training phase

[0054] 1-1) Take the normal access traffic of the server during peak hours as the training data, and only need the traffic from the client to the server. Prepare two 1000×1000 all-0 matrices S and M;

[0055] 1-2) When the incoming traffic arrives, classify the traffic according to the four-tuple (source / destina...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to an application layer DDOS (distributed denial of service) attack and defense method, which is easy to realize, is low in time complexity and high in accuracy, is transparent to users, and has no influence on the user visit. The method provided by the invention is divided to two stages of a training stage and a work stage. In the training stage, real and legal visit flow is adopted as training data to generate a standard array used for real-time detection and protection of the work stage. According to the invention, application layer DDOS equipment needs to be arranged in front of an application server in series, so that the visit flow can be filtered through a defense device before entering the server.

Description

technical field [0001] The invention relates to a computer network security technology, in particular to an application layer DDoS distributed denial of service attack defense method. Background technique [0002] Application-layer DDoS attacks have become popular in recent years. Similar to traditional network-layer DDoS, application-layer DDoS attacks also aim at the victim being unable to provide external services, but there are significant differences in implementation between the two. Compared with network-layer DDoS, the packet data of application-layer DDoS attacks is the same as normal communication, and does not have the statistical characteristics of traditional DDoS attacks. Therefore, network-layer DDoS defense algorithms cannot cope with application-layer DDoS attacks. [0003] Kandula et al [Srikanth Kandula, Dina Katabi, Matthias Jacob, Arthur B.Botz-4-sale: surviving organized DDoS attacks that mimic flash crowds.Proceedings of the 2nd conference on Symposium...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
Inventor 王风宇鄢海涛林丰波陈传通
Owner SHANDONG UNIV