Resource adaptation resolution server DDoS attack detection defense method in smart collaborative network

A smart collaborative network and analysis server technology, applied in the field of network security, can solve problems such as increased overhead and ineffective implementation

Inactive Publication Date: 2018-08-21
BEIJING JIAOTONG UNIV
View PDF8 Cites 18 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0012] The disadvantage of the second resource adaptation and analysis server DDoS attack defense method in the above-mentioned prior art is: the method uses the controller to verify the source address, and then sends the corresponding flow rules to filter the data packets, increasing the In addition to overhead, it also causes a certain delay
When the controller is under attack, this scheme will not be effectively implemented

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Resource adaptation resolution server DDoS attack detection defense method in smart collaborative network
  • Resource adaptation resolution server DDoS attack detection defense method in smart collaborative network
  • Resource adaptation resolution server DDoS attack detection defense method in smart collaborative network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0052] The embodiment of the present invention provides a method for detecting and defending DDoS attacks on resource adaptation analysis servers in a smart collaborative network. The attack situation is detected by using the decision tree algorithm, and the weight priority queue is used to respond to the attack to alleviate the attack. The impact of the attack provides security guarantee for the smart collaborative network and improves the security and reliability of the smart collaborative network.

[0053] In order to defend against the DDoS attack faced by the resource adaptation analysis server in the intelligent collaborative network, the embodiment of the present invention proposes a solution of connection migration, decision tree-based detection and weight priority queue defense.

[0054] The processing flow of a DDoS attack defense method for a resource adaptation analysis server in a smart collaborative network provided by an embodiment of the present invention is as ...

Embodiment 2

[0092] A schematic diagram of an example of DDoS attack detection and defense performed by a resource adaptation analysis server in a smart collaborative network provided by this embodiment is as follows Figure 6 As shown, the legitimate user is the service requester and normally initiates the service request, while the attackers A, B, and C forge a large amount of unknown traffic to launch DDoS attacks on the resource adaptation analysis server. In the DDoS defense of the resource adaptation analysis server, the present invention is divided into three stages in total. The first stage is the resource adaptation analysis server protection stage, applying the connection migration method, using the cache server as a proxy, caching and forwarding request packets, and limiting the forwarding rate; Judgment; the third stage is attack defense, differentiated forwarding request packets, and improving the service rate for legitimate users. These functions could have been completed on...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a resource adaptation resolution server DDoS attack detection defense method in a smart collaborative network. The method comprises the following steps: when a data packet transmission condition in the smart collaborative network conforms to a connection migration condition, migrating the connection between a network component and the resource adaptation resolution server toa cache server, and connecting the cache server to the resource adaptation resolution server; receiving and caching a service request packet sent to the resource adaptation resolution server by the network component by the cache server, and detecting whether the resource adaptation resolution server is subjected to the DDoS attack according to a feature tuple of the service request packet by using a decision tree algorithm; and after detecting the DDoS attack, forwarding the service request packet in a differentiated way by using a defense strategy based on a weight priority queue. Accordingto the resource adaptation resolution server DDoS attack detection defense method in the smart collaborative network provided by the invention, a binary tree branch is established by using the decision tree detection algorithm and combining a plurality of feature properties, and feature extraction is carried out on whole network service request information, thus the attack state can be judged moreaccurately, and defense measures can be taken in time to alleviate the influence brought by the DDoS attack.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a DDoS attack detection and defense method for a resource adaptation analysis server in a smart collaborative network. Background technique [0002] Since the Internet appeared in the past few decades, it has had a huge impact on the development of human society. However, with such a rapid development of the Internet, the traditional Internet architecture gradually exposes scalability, mobility, security, controllability, green energy saving, etc. rooted in the original design ideas due to its static and rigid characteristics. Due to these problems, it cannot meet the communication needs of future networks such as "high speed", "high efficiency", "intelligence" and "energy saving". At the same time, the fully distributed architecture of the traditional Internet makes network management complex, and this complexity also leads to the vulnerability of the network, which br...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/1458
Inventor 刘颖陈明虎张宏科支婷
Owner BEIJING JIAOTONG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products