Low-rate denial of service (LDoS) attack detection method based on small signal detection theory

A small-signal, legal technology, applied in digital transmission systems, electrical components, transmission systems, etc., can solve problems such as network threats, difficult to detect, and small traffic

Inactive Publication Date: 2013-06-05
CIVIL AVIATION UNIV OF CHINA
View PDF2 Cites 18 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In 2003, at SIGCOMM, the top conference on computer networks, Aleksandar of Rice University first proposed a low-rate denial-of-service attack against the TCP protocol, mainly targeting the loopholes in the TCP congestion control mechanism, and proposed a potential low-rate denial-of-service attack Attack (Low-Rate Distributed Denial of Service, LDoS) attack model, through accurate calculation, only a small amount of attack data can lead to denial of service or de

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Low-rate denial of service (LDoS) attack detection method based on small signal detection theory
  • Low-rate denial of service (LDoS) attack detection method based on small signal detection theory
  • Low-rate denial of service (LDoS) attack detection method based on small signal detection theory

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0017] 1. According to image 3 In the simulated attack scenario, the link bandwidth between the client, the attack end and the router is set to be 10Mb / s, and the one-way delay is 2ms; the link bandwidth between each router and between router 2 and the server is 1Mb / s, the one-way delay is 10ms. And the send queue size of the router is 100 packets. 3 parameters of LDoS attack: L=250ms, R=1Mb, T=1100ms and 1075ms.

[0018] 2. The fixed sampling interval is 10ms, and the search interval is 10ms. In the two cases of attack period T=1100ms and T=1175ms, test V JG Distribution. For an attack with T=1100ms, the maximum V JG The value occurs exactly at the predicted period of 1100ms; for an attack with T=1175ms, the maximum V JGValues ​​occur at prediction periods of 1170ms and 1180ms. The results of many experiments have proved the above conclusions. In order to be consistent with the actual situation, according to the detection principle, the average value of 1175ms is sel...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

A low-rate denial of service (LDoS) attack flow has an obvious periodical small-signal characteristic. By means of a small-signal detection theory, the invention provides an LDoS attack detection method based on a small-signal model. According to the LDoS attack detection method, the number of data packages reaching in certain time is counted through a structural characteristic value estimating matrix, the attack cycle of the LDoS is estimated, a statistic value is compared with a preset judgment characteristic value threshold for indicate differences between normal flow rate and mixed flow rate which includes the LDoS attack, and the differences serve as a basis for judging whether the LDoS attack exists or not. If the LDoS attack is judged to exist, the cycle value of the LDoS attack can be accurately calculated through the structural characteristic value estimating matrix. By means of the technical scheme, the LDoS attack can be effectively detected.

Description

technical field [0001] The invention relates to a computer network security technology, especially for the detection of low rate denial of service (LDoS) attack, which can detect the attack with high accuracy. Background technique [0002] Since the appearance of distributed denial of service DoS (Denial of Service) attack, it has been one of the biggest threats to network security. The traditional Flood type DoS (FDoS) attack is characterized by the need to maintain a high rate of attack flow, exhausting all available resources on the victim side. Low-rate distributed denial-of-service LDoS (Low-rate DoS) attack is a new type of DDoS attack. The principles of LDoS and FDoS are completely different. LDoS utilizes the security holes in the common adaptive mechanisms in network protocols or application services to periodically send a large number of attack packets in a specific short time interval. Thereby reducing the service performance of the attacked end. The characteri...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L12/26
Inventor 吴志军
Owner CIVIL AVIATION UNIV OF CHINA
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap