
DDoS attack detection based on global network properties of network traffic anomaly

Cited by: 13
Abstract: Because Distributed Denial of Service (DDoS) attacks are stealthy and distributed, this paper proposes a DDoS detection method based on the global network. Unlike traditional methods, which examine only a single link or the victim network, this method examines the origin-destination (OD) flows in a carrier network. It first obtains the network's traffic matrix and, exploiting the correlation of attack flows across multiple links, uses the K-L transform to decompose the traffic matrix into a normal traffic space and an abnormal traffic space. It then analyzes the correlation characteristics of the traffic in the abnormal space to detect the attack. Simulation results show that the proposed method detects DDoS attacks more accurately and faster than traditional methods, which favors early detection of and defense against DDoS attacks.
Source: Journal of Computer Applications (《计算机应用》), CSCD, Peking University Core Journal, 2007, No. 2, pp. 314-317 (4 pages)
Funding: National Natural Science Foundation of China (60572092); Sichuan Province Youth Science and Technology Foundation (04ZQ026-028)
Keywords: Distributed Denial of Service (DDoS) attack; global network traffic anomaly; Traffic Matrix (TM)
