
DDoS (distributed denial of service) detection method

Detection method and factor technology, applied in electrical components, transmission systems, etc.; addresses problems such as large detection delay.

Inactive Publication Date: 2018-03-13
蔡昌菊

AI Technical Summary

Problems solved by technology

Haraldsson, Emil detected abnormal attacks using statistical information such as the number of ports and TCP connections, but that detection has a relatively large delay.



Embodiment Construction

[0025] To make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in those embodiments are described clearly and completely below. The described embodiments are some, not all, of the embodiments of the present invention. All other embodiments obtained from them by persons of ordinary skill in the art without creative effort fall within the protection scope of the present invention.

[0026] The technical scheme that the present invention adopts is as follows:

[0027] A DDoS detection method, comprising the following steps:

[0028] Step 1. Real-time multi-source NetFlow / IPFIX data collection through Apache Kafka;

[0029] Step 2. Real-time low-latency DDoS detection through Spark Streaming;

[0030] Step 3. Output DDoS attack...


Abstract

The present invention provides a DDoS detection method in the field of network intrusion detection. It targets the very large volume of current DDoS attack traffic and amplification attacks over UDP data flows, in contrast to traditional DDoS detection, which pays more attention to TCP. Using the Spark Streaming platform, it applies multiple measurement factors to analyze, quickly and in parallel, the time-series streams obtained by flow sampling, and outputs indicators of DDoS attacks. The invention is an anomaly detection method based on current flow sampling, is also based on the business dynamics and advanced technology, has low detection delay, can effectively detect current reflection amplification attacks, and can detect new types of DDoS. Compared with the prior art, the flow-sampling-based DDoS detection method provided by the invention has the following beneficial effects: a scalable cloud detection framework; real-time low-latency detection based on Spark Streaming; adaptive detection of currently emerging DDoS attack types; and effective detection of current reflection amplification attacks.
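An added illustration, not code from the patent: one window of multi-factor analysis over sampled flow records, written in plain Python as a stand-in for a single Spark Streaming micro-batch and narrowed to the UDP reflection case. The three factors, the thresholds, the 1:100 sampling rate, the 10-second window and the flow records are all assumptions constructed for this example; the page does not list the patent's actual factors.

```python
import math
from collections import Counter, defaultdict

SAMPLING_RATE = 100   # assumed 1-in-100 flow sampling
WINDOW = 10           # assumed micro-batch length in seconds
UDP = 17

def entropy(counter):
    """Shannon entropy (bits) of a Counter's value distribution."""
    total = sum(counter.values())
    return sum(c / total * math.log2(total / c) for c in counter.values())

def window_factors(flows):
    """Per (window start, destination) factors over sampled UDP flow records."""
    groups = defaultdict(list)
    for ts, src, dst, proto, sport, nbytes in flows:
        if proto == UDP:
            groups[(ts // WINDOW * WINDOW, dst)].append((src, sport, nbytes))
    factors = {}
    for key, recs in groups.items():
        est_bytes = sum(r[2] for r in recs) * SAMPLING_RATE  # scale up the sample
        factors[key] = {
            "bps": est_bytes * 8 / WINDOW,
            "sources": len({r[0] for r in recs}),
            "sport_entropy": entropy(Counter(r[1] for r in recs)),
        }
    return factors

def detect(flows, bps_min=1_000_000, sources_min=20, entropy_max=1.0):
    """Flag windows where all three factors match a reflection pattern:
    high volume, many senders, and nearly one shared source port."""
    return [(win, dst, f) for (win, dst), f in sorted(window_factors(flows).items())
            if f["bps"] >= bps_min and f["sources"] >= sources_min
            and f["sport_entropy"] <= entropy_max]

def sample_flows():
    """Constructed records: (ts, src_ip, dst_ip, proto, src_port, bytes)."""
    flows = [(1000 + i % 10, f"198.51.100.{i + 1}", "203.0.113.10", UDP, 123, 468)
             for i in range(40)]   # many senders, one source port, one target
    flows += [(1000 + i % 10, f"192.0.2.{i + 1}", "203.0.113.30", UDP, 40000 + i, 1400)
              for i in range(30)]  # busy UDP service: clients on ephemeral ports
    flows.append((1003, "192.0.2.200", "203.0.113.10", 6, 443, 1500))  # TCP, skipped
    return flows

if __name__ == "__main__":
    for win, dst, f in detect(sample_flows()):
        print(win, dst, f)
```

The second destination exceeds the volume and sender-count thresholds but is not flagged, because its source ports are spread out; requiring several factors together is what keeps a busy legitimate UDP service from alerting.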

Description

Technical field

[0001] The invention relates to the field of network intrusion detection, in particular to a DDoS detection method.

Background technique

[0002] Network intrusion detection is an important security protection point for enterprise and campus networks. An intrusion detection system can effectively identify network attacks and so protect the security of enterprise and campus networks. In recent years, however, effective network intrusion detection has become more and more difficult. The main reason is that network bandwidth continues to increase, and real-time detection over huge amounts of data hits a performance bottleneck. Among the existing mainstream products, one group is Suricata and Snort, which use multi-threading to improve performance but are based on classic flow signatures and do not have flexible programmable rules; the other is Bro, which has a Turing-complete (flexible and complete) scripting language, which can flexibly cu...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06
CPC: H04L63/1458, H04L63/1416
Inventor: 蔡昌菊
Owner: 蔡昌菊