Application layer distributed denial of service (DDoS) attack detection method and defensive system aimed at website

An attack detection and application layer technology, applied in the field of network security, can solve the problem that all types of users cannot access feature descriptions, etc.

Active Publication Date: 2013-05-08
深圳占领信息技术有限公司
View PDF2 Cites 34 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

According to the characteristics of asymmetric attacks, this method classifies resource consumption by HTTP requests for the first time; however, it uses the statistical characteristics of HTTP requests in the session to train the normal model, whic

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Application layer distributed denial of service (DDoS) attack detection method and defensive system aimed at website
  • Application layer distributed denial of service (DDoS) attack detection method and defensive system aimed at website
  • Application layer distributed denial of service (DDoS) attack detection method and defensive system aimed at website

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0020] Such as figure 1 Shown is a schematic diagram of the deployment of the application layer DDoS attack defense system. The system is deployed at the front end of the web server 1.2 in the data center to protect all web servers 1.2 in the data center. The system detects the HTTP request to access port 1.1 of data center server 80, discards it if it is an attack request, and forwards it to the server if it is a normal request.

[0021] Such as figure 2 Shown is a schematic diagram of the application layer DDoS attack defense system architecture, the system is mainly composed of the following four modules:

[0022] Request processing module 1, this module is responsible for preprocessing the HTTP request to access the server. First, according to the HTTP request, the K-means (distance-based clustering algorithm) clustering algorithm is used to classify the pages of a website to obtain a classification set V j ; j is the page type, and then according to the HTTP request a...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to an application layer distributed denial of service (DDoS) attack detection method and defensive system and relates to network safety, in particular to application layer DDoS attack detection and defend. The invention provides a detection method and the defensive system based on user click sequence forecasting. Firstly, a page table uniform resource locator (URL) of a website is extracted, a clustering algorithm is utilized to conduct clustering, page table classification Vj and a user click sequence of the website are obtained, then the user click sequence is utilized to construct a random wandering image, a next observation period click sequence of a user is calculated through a process of random wandering, at last, similarity of a predict sequence and a click sequence is calculated, and abnormity of the user click sequence is judged through training threshold. The application layer DDoS attack detection method and defensive system can effectively detect attacking of an application layer, particularly stimulate an attack request of normal user behavior, and can be widely applied to safe defend of a data center website server.

Description

technical field [0001] The invention relates to the field of network security, in particular to an application layer DDoS attack detection method and defense system for websites. Background technique [0002] Distributed Denial of Service attack (Distributed Denial of Service, DDoS) has always been one of the most serious threats faced by the Internet service provider-Web server. Traditional DDoS attack methods based on the network layer or transport layer have been well detected by increasingly mature network protection technologies (firewall, intrusion detection technology, etc.). The DDoS attack method develops to the application layer. DDoS attacks at the application layer usually use the real IP address as the attack node, and use the loopholes in the application layer protocol to send a large number of attack requests based on the legal HTTP protocol to the target server, which can easily pass through the network protection system, which undoubtedly makes it the curre...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L29/08
Inventor 徐川唐红赵国锋杜成张毅
Owner 深圳占领信息技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap