Unlock instant, AI-driven research and patent intelligence for your innovation.

A DDOS attack detection method based on single packet source tracing

An attack detection and inter-domain path identification technology, applied in the field of DDoS attack detection based on single-packet source tracing, can solve problems such as lack of attack detection, and achieve the effect of fine-grained attack detection

Active Publication Date: 2022-02-25
BEIHANG UNIV
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the current "CoLoR network architecture" lacks a security mechanism for attack detection using traceability information, making it difficult to detect small-scale DDoS attacks that may exist in the CoLoR network

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A DDOS attack detection method based on single packet source tracing
  • A DDOS attack detection method based on single packet source tracing
  • A DDOS attack detection method based on single packet source tracing

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0118] see image 3 As shown, a kind of DDoS attack detection method based on single packet tracing of the present invention, its attack detection steps are:

[0119] The first part is to obtain the autonomous domain nodes and inter-domain path identification sequences in the network logical topology as an observer;

[0120] Step A, extracting autonomous domain nodes in the network logical topology;

[0121] see Figure 4 The network logical topology of the tree structure shown, all autonomous domain nodes in the network form a set of autonomous domain nodes, denoted as S 总 , and S 总 ={N 1 ,N 2 ,N 3 ,N 4 ,N 5 ,N 6 ,N 7 ,N 8 ,N 9}. Among them, autonomous domain node N 9 The identity is replaced by the observer node O, which is also the root node of the tree structure.

[0122] N 1 It is the first autonomous domain node in the logical topology of the network; autonomous domain node N 1 own traffic of Initially The assignment value is 0; autonomous domain nod...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a DDoS attack detection method based on single-packet source tracing. The method is based on the logical topology in the CoLoR network architecture, wherein inter-domain path identification prefix information is recorded, and the inter-domain path identification sequence contained in the request packet is combined with the The logical topology performs hop-by-hop matching to locate the sender of the request packet; by repeating the above operations, the self- and aggregated traffic of each autonomous domain node in the network logical topology can be counted, and the traffic can be classified according to the traffic changes. Autonomous domains exceeding the threshold are judged as attackers, enabling fine-grained DDoS attack detection. This method solves the problem of how to use the network logical topology and the inter-domain path identification sequence in the request packet to realize fine-grained DDoS attack detection, and improves the accuracy of attack detection by first tracing the source and then detecting.

Description

technical field [0001] The present invention relates to the technical field of computer network security, and more specifically, the present invention relates to a DDoS attack detection method based on single packet traceability. Background technique [0002] In today's Internet environment, there are various security problems, such as Trojan horse implantation, virus attack, etc., among which the damage caused by the distributed denial of service (DDoS) attack is particularly serious. Trends in scale and diversification. see figure 1 As shown, the attacker controls the zombie host and sends a large number of packets to the attack target, consuming its computing, storage, and network resources, so that legitimate users cannot obtain the services provided by the attack target. At the beginning of the design of the existing TCP / IP network architecture, security issues were not considered. Malicious network attackers can launch attacks by forging source addresses, which affec...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/40
CPCH04L63/1416
Inventor 罗洪斌刘洲彪张珊
Owner BEIHANG UNIV