DDoS attack group analysis method based on network attack accompanying behavior

A network attack and group analysis technology, applied in the field of network security, can solve the problem of lack of comprehensive analysis of attack event summary data

Active Publication Date: 2018-06-15
NAT COMP NETWORK & INFORMATION SECURITY MANAGEMENT CENT
View PDF8 Cites 15 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] However, the existing DDoS attack analysis methods are mainly methods for defending and tracing the source of a single DDoS attack. They mainly start from the DDoS attack event itself to study the detection method, defense method, and source tracing method of a single attack or

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • DDoS attack group analysis method based on network attack accompanying behavior
  • DDoS attack group analysis method based on network attack accompanying behavior

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0042] In order to further explain the technical means and effects of the present invention to achieve the intended purpose of the invention, the following is a specific description of a DDoS attack group analysis method based on network attack accompanying behavior proposed in accordance with the present invention in conjunction with the accompanying drawings and preferred embodiments. Embodiments and their effects are described in detail below.

[0043] DDoS attack groups have the following three characteristics: (1) have a group of attack resources, which are relatively stable and will change in the long run; (2) will mobilize different resources to attack the same target, that is, the attack resources that attack the same target at the same time may Belonging to a gang; (3) Continuously using the same attack resource to attack the same target within a period of time may belong to the same gang. Based on the above characteristics, the embodiment of the present invention pro...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a DDoS attack group analysis method based on a network attack accompanying behavior. The DDoS attack group analysis method comprises: acquiring all the control end IPs of DDoSattack behaviors within a preset time, and attack target trajectories and utilization broiler trajectories corresponding to each control end IP; calculating the attack target trajectory similarity and the utilization broiler trajectory similarity of each control terminal IP and each of the other control terminal IPs except the control end IP; constructing a relationship diagram according to all the calculated random two control end IPs, the corresponding attack target trajectory similarity and the corresponding broiler trajectory similarity; dividing the DDoS attack group according to the constructed relationship diagram. The invention collects and analyzes Internet attack resources involved in a large number of DDoS attack events, establishes a time-space multi-dimensional relationship-based attack sequence for scattered DDoS attack events, and finds the association and attribution of these attack resources during the DDoS attack events, thereby supporting discovery of important andorganized DDoS attack groups.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a DDoS attack group analysis method based on network attack accompanying behavior. Background technique [0002] In recent years, many research institutions and security companies have conducted research and elaboration on DDoS (Distributed Denial of Service) attacks, defenses, and situation, and released a series of scientific research papers and analysis reports. DDoS attack is a network attack method, which usually uses bot resources as the attack platform or uses special attack software tools to send seemingly reasonable service requests to the victim host to occupy a large amount of server resources, resulting in network congestion or server resource exhaustion. As a result, the server rejects legitimate users, and broiler resources can be understood as computer equipment that has been infected with a Trojan horse virus and can be remotely controlled. [0003] Howe...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/1458
Inventor 朱天严寒冰丁丽李佳饶毓温森浩李志辉姚力朱芸茜王小群张腾吕利锋陈阳李世淙徐剑王适文肖崇蕙贾子骁张帅吕志泉韩志辉马莉雅雷君周彧周昊高川楼书逸
Owner NAT COMP NETWORK & INFORMATION SECURITY MANAGEMENT CENT
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap