Method for detecting DDoS (Distributed Denial of Service) attack in big data environment

An attack detection technique based on big data technology, applied in the network field, that addresses the problems of existing methods consuming a lot of time and failing to meet the actual needs of high-bandwidth environments.

Active Publication Date: 2017-01-11
SHANGHAI MARITIME UNIVERSITY

AI Technical Summary

Problems solved by technology

[0005] At present, the existing DDoS attack detection algorithms and systems use a single-machine processing method, which consumes a lot of time and cannot meet the actual needs of a big data environment with high bandwidth and a large number of user groups.

Embodiment Construction

[0068] The present invention will be further elaborated below by describing a preferred specific embodiment in detail in conjunction with the accompanying drawings.

[0069] As shown in Figure 1, a DDoS attack detection method in a big data environment includes the following steps:

[0070] S1, collecting various streaming data in a big data environment, that is, collecting various streaming data from a big data application system; An application system of several PBs; the users mentioned include registered users and non-registered users;

[0071] The various flow data include the data flow from the proxy server, the data flow arriving at the system through the firewall, and various POP data flows, etc.;

[0072] S2, extracting the source IP address from various flow data collected;

[0073] S3, calculating the information entropy of the source IP address;

[0074] S4, determine whether the information entropy of the source IP address is greater than the p...

Abstract

The invention relates to a method for detecting a DDoS (Distributed Denial of Service) attack in a big data environment. The method comprises the following steps: extracting a source IP address from various collected data streams, calculating information entropy of the source IP address, and if the information entropy is greater than a preset threshold value V, determining that the data stream corresponding to the IP address may be a DDoS attack stream, and implementing early warning; otherwise, determining that the data stream corresponding to the IP address is a normal data stream; training a dynamically-sampled K-Means model by using the normal data stream, and designing a dynamically-sampled K-Means parallelization algorithm based on a Spark stream processing technology; and detecting the data stream subjected to early warning by using the dynamically-sampled K-Means parallelization algorithm, and if a criterion function E of a detection result is smaller than or equal to a preset threshold value d, determining that the data stream is the DDoS attack stream, then blacklisting the source IP, and shielding the data stream. According to the method disclosed by the invention, various DDoS attacks in the big data environment can be effectively detected through early warning detection and abnormality confirmation detection, and thus the security of a system can be ensured.
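The early-warning stage described in the abstract (source-IP entropy compared against a threshold V) can be sketched as follows. This is an added example, not code from the patent; the record format, the 10-second window, the value of V and the sample records are assumptions, and the K-Means confirmation stage is not shown because the page does not describe its features.

```python
import math
from collections import Counter, defaultdict

def source_ip_entropy(ips):
    """Shannon entropy, in bits, of the source-IP distribution of one window."""
    total = len(ips)
    if total == 0:
        return 0.0  # an empty window carries no information and never warns
    return -sum((n / total) * math.log2(n / total)
                for n in Counter(ips).values())

def early_warning(flows, window_seconds, threshold_v):
    """Return [(window_start, entropy, warned)] for fixed, non-overlapping windows.

    flows: iterable of (timestamp_seconds, source_ip) records (assumed format).
    A window is warned when its entropy is greater than threshold_v, as in the
    abstract; warned windows would go on to the K-Means confirmation stage.
    """
    windows = defaultdict(list)
    for ts, ip in flows:
        windows[int(ts // window_seconds) * window_seconds].append(ip)
    return [(start, h, h > threshold_v)
            for start in sorted(windows)
            for h in [source_ip_entropy(windows[start])]]

def sample_flows():
    """Constructed records (documentation address ranges), not real traffic."""
    # Window 0-9 s: 8 requests from 2 regular clients -> entropy 1 bit.
    normal = [(i, "192.0.2.%d" % (10 + i % 2)) for i in range(8)]
    # Window 10-19 s: 16 requests, each from a different source -> 4 bits.
    spread = [(10 + i * 0.5, "198.51.100.%d" % (i + 1)) for i in range(16)]
    return normal + spread

if __name__ == "__main__":
    V = 3.0  # assumed threshold; the page gives no value for V
    for start, h, warned in early_warning(sample_flows(), 10, V):
        print(f"window {start:>3}s  H={h:.3f}  {'EARLY WARNING' if warned else 'normal'}")
```

In practice V would be calibrated from the entropy observed on known-normal traffic for the same window length, since the baseline depends on how many distinct clients the system normally serves.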

Description

Technical field

[0001] The invention relates to the field of network technology, in particular to a DDoS attack detection method in a big data environment.

Background technique

[0002] With the rapid development of the Internet, the bandwidth of ordinary users is generally upgraded, and the bandwidth of home users has reached or exceeded 20M. In addition, with the popularity of 3G networks and the gradual promotion of 4G networks, the mobile Internet has also entered a period of vigorous development. The rapid growth of personal network bandwidth and the ever-increasing number of network users have caused network data to show an explosive growth trend, and human beings have entered the era of big data. In the big data environment, more and more companies and enterprises reduce costs by migrating their information technology infrastructure to cloud service providers, such as distributed storage data centers and various types of cloud computing systems. However, once these ...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06
CPC: H04L63/1416, H04L63/1458
Inventor: 刘罕, 韩德志, 毕坤, 李美静, 王军
Owner: SHANGHAI MARITIME UNIVERSITY