DDoS (distributed denial of service) attach detection method based on information entropy

An attack detection and information entropy technology, applied in the field of cloud computing, can solve problems such as restricting the effective detection and identification of DDoS attacks, difficulty in detecting victim terminals, and limited processing capacity, achieving the effects of good security, easy promotion, and strong practicability.

Inactive Publication Date: 2014-12-10
LANGCHAO ELECTRONIC INFORMATION IND CO LTD
View PDF4 Cites 54 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the traditional identification methods have problems such as high false alarm rate, difficulty in detection, and limited processing capabilities of victim terminals, which restrict the effective detection and identification of DDoS attacks.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • DDoS (distributed denial of service) attach detection method based on information entropy
  • DDoS (distributed denial of service) attach detection method based on information entropy
  • DDoS (distributed denial of service) attach detection method based on information entropy

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0019] The present invention will be further described below in conjunction with the accompanying drawings and specific embodiments.

[0020] The present invention provides a DDoS attack detection method based on information entropy. The present invention determines the occurrence of abnormal traffic through information entropy, uses two sketch linked list matrices to alternately store network traffic in real time, and conducts information on the matrix at the current moment. The entropy operation is used to judge whether there is abnormal flow. For the abnormal traffic matrix, the cumulative error of the cumulative sum (CUSUM) algorithm is used to detect the offset between the object to be inspected and the target to determine the IP address of the victim. For the determined attacked IP address traffic, the Pearson correlation system method is used to classify the linked list information to determine the attack traffic and prepare for the next traffic cleaning work. Based on...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a DDoS (distributed denial of service) attach detection method based on an information entropy. The method includes the steps of acquiring high-speed network traffic; judging abnormal traffic, to be specific, judging whether or not abnormal traffic occurs at current moment; confirming an attacked host, to be specific, confirming the attacked host mainly through a source IP (internet protocol) address and a target IP address; and recognizing attack traffic. Compared with the prior art, the method has the advantages that detection is timely, accurate and efficient, the occurring moment of the abnormal traffic can be effectively judged, and corresponding measures are taken accordingly before the target host or network resources are exhausted.

Description

technical field [0001] The invention relates to the technical field of cloud computing, in particular to a highly practical DDoS attack detection method based on information entropy. Background technique [0002] With the development of information and communication technology, computer network plays an increasingly important role in people's life. Due to its characteristics of openness, freedom, and sharing, as well as loopholes in security protocols, information may be stolen, tampered, destroyed, etc. during transmission, resulting in huge economic losses, so network security problems are becoming more and more serious. Among many network security issues, distributed denial of service (DDoS) attacks have attracted more and more attention due to their easy operation, low technical requirements, diversified attack methods, wide distribution of attack sources, difficulty in detection, and huge damage caused. However, the traditional identification methods have problems such...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
Inventor 宋洪涛
Owner LANGCHAO ELECTRONIC INFORMATION IND CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap