Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

DDoS attack detection method, device, equipment and computer program product

A computer program and attack detection technology, applied in the field of network security, can solve the problem of low DDoS attack accuracy, and achieve the effect of improving the accuracy and reducing misjudgment

Pending Publication Date: 2021-11-02
CHINA MOBILEHANGZHOUINFORMATION TECH CO LTD +1
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The main purpose of the present invention is to provide a DDoS attack detection method, device, equipment and computer program product, aiming to solve the technical problem of low accuracy of existing DDoS attack detection

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • DDoS attack detection method, device, equipment and computer program product
  • DDoS attack detection method, device, equipment and computer program product
  • DDoS attack detection method, device, equipment and computer program product

Examples

Experimental program
Comparison scheme
Effect test

no. 1 example

[0067] Based on the first embodiment, the second embodiment of the DDoS attack detection method of the present invention is proposed. In this embodiment, step S101 includes:

[0068] Step S201, obtaining the first number of IP flows and the total number of IP packets included in the IP flows in each sampling interval, wherein the IP flows are message sets with the same quintuple;

[0069] Step S202, based on the first number and the total number, respectively determine the average length of the IP flow corresponding to each sampling interval.

[0070] In this embodiment, the first quantity of IP flows in each sampling interval and the total number of IP packets included in the IP flows are obtained first. Specifically, for each sampling interval, the incoming packets and outgoing packets in the sampling interval are message, divide the incoming message and the outgoing message according to the quintuple, obtain each IP flow, and determine the first quantity of the IP flow, and...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a DDoS attack detection method. The method comprises the following steps: acquiring an IP flow average length corresponding to a plurality of sampling intervals, acquiring an IP packet inflow and outflow ratio growth rate corresponding to each sampling interval, and acquiring a source IP address entropy corresponding to each sampling interval; taking the IP flow average length, the IP packet inflow and outflow ratio increase rate and the source IP address entropy as a sample feature vector to obtain a training sample set; inputting the sample feature vectors into a pre-trained classification model for model training to obtain a classification result; and if the training result comprises the abnormal traffic, determining that the sample feature vector corresponding to the abnormal traffic is the distributed denial of service (DDoS) attack traffic. The invention further discloses a DDoS attack detection device and equipment and a computer program product. According to the DDoS attack detection method and device, the sample feature vectors irrelevant to the flow are adopted as the training data, the influence of the change of the flow on the detection result can be avoided, the misjudgment of the detection result is further reduced, and the accuracy of DDoS attack detection is improved.

Description

technical field [0001] The present invention relates to the technical field of network security, in particular to a DDoS attack detection method, device, equipment and computer program product. Background technique [0002] With the rapid development of computer network technology, network attacks and destructive behaviors are also increasing. Among them, DDoS (Distributed Denial of Service, Distributed Denial of Service) attack has amazing destructive power and huge impact, and is a serious attack method that threatens network security. DDoS attacks usually use botnets to send a large number of service requests to victims, resulting in a large amount of resources consumed by victims, so that they cannot respond to legitimate user requests in a timely manner, or even completely paralyzed. With the development of network technology, the traffic of DDoS attacks is also increasing, making it more and more difficult to detect. [0003] At present, the detection method of DDoS ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
CPCH04L63/1408H04L63/1416H04L63/1458H04L63/1425Y02D30/50
Inventor 李淑贤李金星顾宁伦谢懿魏来李海明师文
Owner CHINA MOBILEHANGZHOUINFORMATION TECH CO LTD
Features
  • Generate Ideas
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com