
DDoS detection method based on stream sampling

A detection method and flow sampling technology, applied in electrical components, transmission systems, etc., to solve problems such as huge attack traffic

Active Publication Date: 2016-12-14
SHANGHAI JIAO TONG UNIV
Cites: 4; Cited by: 18

AI Technical Summary

Problems solved by technology

[0006] Another notable feature of current DDoS is the huge attack traffic



Embodiment Construction

[0033] Building on current flow-sampling-based anomaly detection methods, and on business dynamics and advanced technology, the present invention proposes a DDoS detection method based on flow sampling. It features an extensible cloud detection framework, detects in real time with low delay, and can adaptively detect currently emerging DDoS attack types.

[0034] The present invention provides a DDoS detection method based on flow sampling. Given the huge traffic volumes of current DDoS attacks, the method pays special attention to amplification attacks carried in UDP data flows, which distinguishes it from traditional DDoS detection that focuses more on TCP.

[0035] The method of the present invention uses current Spark Streaming technology to apply multiple measurement factors in fast parallel analysis of the time-series stream obtained by flow sampling on the cloud platform, provides an indicator of DDoS attack, and realizes fast ...


Abstract

The invention provides a DDoS detection method based on stream sampling and relates to the field of network intrusion detection. Addressing the huge attack traffic of current DDoS and amplification attacks over UDP data streams, and in contrast to conventional DDoS detection that focuses on TCP, the method uses current Spark Streaming technology to apply multiple measurement factors in fast parallel analysis of the time-series streams obtained through stream sampling on a cloud platform, and gives an indicator of DDoS attack. The method builds on current stream-sampling anomaly detection methods and on business dynamics and advanced technology, and offers low-delay detection, so that current reflection amplification attacks can be effectively detected and new DDoS attacks can be detected. Compared with prior-art methods, the DDoS detection method based on stream sampling has the following beneficial effects: the cloud-side detection framework can be extended; real-time, low-delay detection based on Spark Streaming can be performed; new DDoS attack types can be adaptively detected; and current reflection amplification attacks can be effectively detected.

Description

Technical field

[0001] The invention relates to the field of network intrusion detection, in particular to a DDoS detection method based on flow sampling.

Background technique

[0002] Network intrusion detection is an important security protection point for enterprise and campus networks. An intrusion detection system can effectively identify network attacks and so protect the security of enterprise and campus networks. In recent years, however, effective network intrusion detection has become more and more difficult. The main reason is that network bandwidth continues to increase, and real-time detection over huge amounts of data hits a performance bottleneck. Among existing mainstream products, one group is Suricata and Snort, which use multi-threading to improve performance but are based on classic flow signatures and lack flexible programmable rules; the other is Bro, which has a Turing-complete scripting language...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06
CPC: H04L63/1425, H04L63/1458, H04L63/30
Inventor: 邹福泰, 姜开达, 章思宇, 刘渝娇, 李林森, 李建华
Owner SHANGHAI JIAO TONG UNIV