Low-speed DDoS attack detection method and system and related equipment
An attack detection, low-speed technology, applied in transmission systems, digital transmission systems, secure communication devices, etc., can solve problems such as difficult-to-detect method defense, network security, property security, national security hazards, and servers that cannot serve normally, achieving low-speed DDoS attack detection and the effect of abnormal traffic detection
Active Publication Date: 2022-03-04
SUZHOU UNIV
View PDF6 Cites 1 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
[0003] Low-speed DDoS attack is a kind of DDoS attack, but it uses a completely different attack method from common DDoS attacks: the packet sending rate is the same as that of normal users, but it can still attack the server Causes a lot of pressure, because legitimate packets are sent at a slower rate, so it is more difficult to defend against traditional detection methods
Low-speed DDoS attacks may cause serious consequences such as server failure, system crash, and data loss, and will cause great harm to network security, property security, and national security
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0051] The core of the application is to provide a low-speed DDoS attack detection method, which can effectively detect the low-speed DDoS attack detection method; another core of the application is to provide a low-speed DDoS attack detection system, computer equipment and The computer-readable storage medium also has the above beneficial effects.
[0052] In order to describe the technical solutions in the embodiments of the present application more clearly and completely, the technical solutions in the embodiments of the present application will be introduced below in conjunction with the drawings in the embodiments of the present application. Apparently, the described embodiments are only some of the embodiments of this application, not all of them. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the scope of protection of this application.
[0053] The embodimen...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention discloses a low-speed DDoS (Distributed Denial of Service) attack detection method, which comprises the following steps: carrying out information sampling on a received data packet to obtain traffic information; entropy calculation is carried out according to the traffic information to obtain the traffic entropy of the corresponding data packet; judging whether the flow entropy exceeds a preset threshold value or not; and if yes, determining that the data packet has the low-speed DDoS attack. According to the technical scheme, for the data packets transmitted in the network, the flow information in the data packets is firstly sampled and obtained, then the flow entropies of the corresponding data packets are obtained in an entropy calculation mode, the entropies can effectively express the distribution condition of the flow in the network, abnormal flow detection is better achieved, and the detection efficiency is improved. And finally, whether the low-speed DDoS attack exists in the data packet is determined by judging whether the flow entropy exceeds a corresponding preset threshold, so that low-speed DDoS attack detection is realized. The invention further discloses a low-speed DDoS attack detection system, computer equipment and a computer readable storage medium, which have the above beneficial effects.
Description
technical field [0001] The present application relates to the technical field of computer security, in particular to a low-speed DDoS attack detection method, and also relates to a low-speed DDoS attack detection system, computer equipment, and a computer-readable storage medium. Background technique [0002] DDoS (Distributed Denial of Service, distributed denial of service attack) means that multiple attackers in different locations launch attacks on one or several targets at the same time, or an attacker controls multiple machines in different locations and uses these machines to Simultaneous attacks on victims. [0003] Low-speed DDoS attack is a kind of DDoS attack, but it uses a completely different attack method from common DDoS attacks: the packet sending rate is the same as that of normal users, but it can still cause huge pressure on the server, because it sends legal packets at a slower rate. packets, so it is more difficult to be defended by traditional detectio...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More IPC IPC(8): H04L9/40
CPCH04L63/1408H04L63/1458H04L2463/142Y02D30/50
Inventor 杜扬韩轶凡盛坤张逸康黄河孙玉娥
Owner SUZHOU UNIV