A ddos attack detection method and device

An attack detection and packet technology, applied in the field of communication, can solve problems such as unacceptable, hysteresis, and NetFlow analysis equipment cannot find it quickly, and achieve the effect of less sampling data, high accuracy, and guaranteeing network transmission and services.

CN107689967BActive Publication Date: 2020-03-03CHINA UNITED NETWORK COMM GRP CO LTD

5 Cites 0 Cited by

Patent Information

Authority / Receiving Office: CN · China
Patent Type: Patents(China)
Current Assignee / Owner: CHINA UNITED NETWORK COMM GRP CO LTD
Publication Date: 2020-03-03

Smart Images

Figure 1
Figure 2
Figure 3

Patent Text Reader

Abstract

An embodiment of the invention provides a DDoS (distributed denial of service) attack detection method and device and relates to the technical field of communications for detecting DDoS attack rapidlyand accurately. The method includes: making statistics on the total number of target messages received within various periods; calculating variation of the total number of current messages; taking the variation of the total number of the current messages as an absolute value of the difference of the total number of the target massages received in the current period and the previous period; judging whether the variation of the total number of the current massages meets a first preset condition or not, and if yes, making statistics on the proportion of the target massages sent by autonomous systems in the target massages received in the periods; calculating the variation in distribution of the current massages; taking the variation in distribution of the current massages as the sum of an absolute value of the difference of the proportion of the target massages sent in the current period or the previous period by the autonomous systems; judging whether the variation in distribution of the current massages meets a second preset condition or not, and if yes, determining existence of the DDoS attack. The DDoS attack detection method and device is applied to DDoS attack detection.

Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] The invention relates to the technical field of communication, in particular to a DDoS attack detection method and device. Background technique

[0002] At present, Distributed Denial of Service (English name: Distributed Denial of Service, referred to as: DDoS) is one of the most common and most harmful forms of attack in the domain network of the autonomous system AS (English name: Autonomous System, referred to as: AS) . DDoS attack is a covert denial of service attack. The general DDoS attack process is as follows: first, the attacker will control a large number of puppet computers in the source AS domain network, and combine multiple puppet computers as an attack platform, and some of the puppet computers can be set to Then, the attacker sends the attack command to all the puppet computers through the main control terminal, and finally, all the puppet computers send data streams to the destination AS domain network, and carry out DDoS attacks on ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine

Login to View More