Lightweight DDoS attack detection device and method on high-speed network

An attack detection and high-speed network technology, applied in data exchange networks, digital transmission systems, electrical components, etc., can solve the problems of large occupied space, large number of counters, space waste, etc., to improve accuracy and control space overhead Upper limit, the effect of reducing false positives

Active Publication Date: 2019-07-23
NANJING UNIV OF POSTS & TELECOMM
View PDF4 Cites 9 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

First, in network traffic, large traffic is very important. When detecting DDoS attacks, the main purpose is to detect traffic exceeding the threshold. However, the number of large traffic in the network is relatively small, and most of them are small traffic. Traffic and small traffic conflict when stored, and many small tra

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Lightweight DDoS attack detection device and method on high-speed network
  • Lightweight DDoS attack detection device and method on high-speed network
  • Lightweight DDoS attack detection device and method on high-speed network

Examples

Experimental program
Comparison scheme
Effect test

Example Embodiment

[0048] The present invention discloses a lightweight DDoS attack detection device and detection method on a high-speed network. The following describes the present invention in combination with the examples of specific schemes. It should be understood that these examples are only used to illustrate the present invention and not to limit the present invention. Range.

[0049] The overall idea of ​​the present invention is: because the performance of the DDoS flood attack on the flow is usually the rapid increase of the flow, the structure of Sketch is used to store, summarize and detect the flow in the network. In view of the large space used and waste of space in Sketch, multiple Sketch combinations with smaller space are used to dynamically create Sketch, dynamically apply for space, and try to avoid waste of space. In this structure, the large traffic will be concentrated in the high-level Sketch, which facilitates the detection of DDoS attack traffic.

[0050] Such as image 3 ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a lightweight DDoS attack detection device and method on a high-speed network. The device comprises a CBFSketch module and a DDoS attack detection module. The method comprisesthe following steps: S1, acquiring network flow, and recording and storing data flow information; S2, according to the recorded data flow information, inquiring the flow size or occurrence frequency of a specific data flow, and judging whether the data flow is DDoS attack flow or not according to an inquiry result; and S3, setting a threshold value, detecting the data flow exceeding the thresholdvalue according to the recorded data flow information, and completing DDoS attack detection. The multi-level Sketch structure is adopted to store the data flow, the space can be dynamically applied, the space overhead upper limit can be effectively controlled, the flow exceeding the threshold value can be rapidly detected to detect the DDoS attack, misinformation is reduced, and the detection accuracy is improved.

Description

technical field [0001] The invention relates to a detection device and a corresponding detection method, in particular to a lightweight DDoS attack detection device and detection method on a high-speed network, belonging to the technical fields of high-speed network flow measurement and network security. Background technique [0002] With the development and popularization of the Internet, information security has gradually become a serious problem faced by the country's political, economic, military, cultural and ideological fields. How to ensure information security has gradually become a common appeal of all industries. [0003] Specifically, network security is an important part of information security, and among many factors affecting network performance, network traffic is the most important. With the development of Internet technology, network traffic analysis technology emerges as the times require. This technology captures the data packets flowing in the network, ch...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L12/26
CPCH04L43/16H04L63/1416H04L63/1425H04L63/1458
Inventor 朱海婷张媛何高峰张浩邓莹莹朱铭远
Owner NANJING UNIV OF POSTS & TELECOMM
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap