A method and device for DDOS attack detection

A DDOS attack detection technology, applied in the field of big data, that addresses the false positives and false negatives of existing DDOS attack detection schemes, achieving the effects of reducing resource consumption, enhancing detection capabilities, and reducing false positives and false negatives.

Active Publication Date: 2022-07-01
CHINA MOBILE HANGZHOU INFORMATION TECH CO LTD +1

AI Technical Summary

Problems solved by technology

[0004] However, the current DDOS attack detection scheme produces a large number of false positives and false negatives in practice. Therefore, a new method for DDOS attack detection is urgently needed.

Examples

Embodiment Construction

[0055] In order to make the objectives, technical solutions and advantages of the present invention clearer, the present invention will be further described in detail below with reference to the accompanying drawings. Obviously, the described embodiments are only a part of the embodiments of the present invention, not all of the embodiments. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts shall fall within the protection scope of the present invention.

[0056] Figure 1 exemplarily shows a system architecture to which the embodiments of the present invention are applicable. The system architecture may be a server 100, including a processor 110, a communication interface 120 and a memory 130.

[0057] The communication interface 120 is used for communicating with the terminal device, sending and receiving information transmitted by the terminal device, and realizing communic...

Abstract

The invention discloses a method and a device for DDOS attack detection. The method includes acquiring a characteristic vector of the traffic in a unit time, normalizing the characteristic vector to obtain a dimensionless sample to be detected, and clustering the dimensionless sample to be detected with the common central classes in the detection model to determine two classes to be detected. The detection model is determined by semi-supervised learning based on feature clustering of historical traffic samples. If the class to be detected to which the dimensionless sample to be detected belongs includes only that sample, the dimensionless sample to be detected is determined to be a DDOS attack sample. Since a detection model obtained by semi-supervised learning based on feature clustering is used to detect whether the dimensionless sample to be detected is a DDOS attack sample, the false positive rate and false negative rate of DDOS attack detection can be reduced compared with the existing detection scheme. The resource consumption of the system is reduced, and the detection capability for various DDOS attacks is enhanced.
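The flow in the abstract (feature vector per unit time, normalization, clustering against the model's center classes, singleton class means attack) can be sketched as follows. This is an added example, not code from the patent: the three features, min-max scaling, leader clustering with a fixed radius (a stand-in for the semi-supervised training, which the page does not detail) and all sample data are assumptions.

```python
import math

# Constructed historical feature vectors for one destination IP, one per unit
# of time: [packets, bytes, distinct source IPs]. Quiet and busy periods.
HISTORY = [[1200, 900000, 40], [1500, 1100000, 55], [1100, 850000, 38],
           [9000, 7000000, 300], [9500, 7400000, 320], [8800, 6900000, 290]]
RADIUS = 0.5  # assumed clustering radius in normalized space

def feature_vector(flows):
    """Aggregate seven-tuple flow records into the assumed feature vector."""
    return [sum(f[5] for f in flows), sum(f[6] for f in flows),
            len({f[0] for f in flows})]

def fit_scaler(history):
    """Per-feature (min, max) taken from the historical samples."""
    return [(min(col), max(col)) for col in zip(*history)]

def normalize(vec, scaler):
    """Min-max scaling; values beyond the historical range fall outside [0, 1]."""
    return [(v - lo) / (hi - lo) if hi > lo else 0.0
            for v, (lo, hi) in zip(vec, scaler)]

def center(members):
    """Mean point of a class."""
    return [sum(col) / len(members) for col in zip(*members)]

def train(history, radius=RADIUS):
    """Leader clustering of the normalized history into center classes."""
    scaler = fit_scaler(history)
    classes = []
    for sample in (normalize(v, scaler) for v in history):
        near = [c for c in classes if math.dist(center(c), sample) <= radius]
        if near:
            min(near, key=lambda c: math.dist(center(c), sample)).append(sample)
        else:
            classes.append([sample])
    return scaler, [center(c) for c in classes]

def is_ddos(flows, model, radius=RADIUS):
    """True when the sample joins no center class, so its class holds only itself."""
    scaler, centers = model
    sample = normalize(feature_vector(flows), scaler)
    return all(math.dist(c, sample) > radius for c in centers)

# Constructed flows: (src_ip, src_port, dst_ip, dst_port, protocol, packets, bytes)
NORMAL = [("10.0.0.%d" % i, 40000 + i, "192.0.2.10", 443, 6, 30, 22000) for i in range(45)]
FLOOD = [("198.51.100.%d" % (i % 250), 1024 + i, "192.0.2.10", 80, 17, 400, 40000)
         for i in range(2000)]

if __name__ == "__main__":
    model = train(HISTORY)
    print(len(model[1]), is_ddos(NORMAL, model), is_ddos(FLOOD, model))
```

Because the model holds a center class for busy periods as well as quiet ones, a legitimate busy-hour sample joins an existing class instead of tripping a fixed per-minute threshold.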

Description

Technical field

[0001] Embodiments of the present invention relate to the field of big data technologies, and in particular, to a method and device for detecting a Distributed Denial of Service (DDOS) attack.

Background art

[0002] At present, the data required for DDOS detection comes from the Netflow log, which provides various network behavior data, including seven-tuple information (source Internet Protocol (IP), source port, destination IP, destination port, protocol, number of packets, number of bytes).

[0003] On the basis of the Netflow log data, the current detection technical solution is to establish a per-minute threshold for the number of packets or the packet traffic flowing into a certain IP. When the number of packets or the traffic of a certain type is found to increase abnormally and exceed the threshold, it is considered to be related to a DDOS attack.

[0004] However, the current DDOS attack detection scheme has a large number ...

Application Information

Patent Type & Authority: Patents (China)
IPC: IPC(8): H04L9/40
CPC: H04L63/1416, H04L63/1458
Inventor: 冯剑, 王晨光, 周川楷
Owner: CHINA MOBILE HANGZHOU INFORMATION TECH CO LTD