| 新网络环境下应用层DDoS攻击的剖析与防御 |
| |
| 引用本文: | 谢逸,余顺争.新网络环境下应用层DDoS攻击的剖析与防御[J].电信科学,2007,23(1):89-93. |
| |
| 作者姓名: | 谢逸 余顺争 |
| |
| 作者单位: | 中山大学电子与通信工程系,广州,510275 |
| |
| 基金项目: | 国家自然科学基金,广东省自然科学基金,教育部高等学校博士学科点专项科研基金,广东省珠海市科技计划 |
| |
| 摘 要: | 针对新网络环境下近两年新出现的应用层分布式拒绝服务攻击,本文将详细剖析其原理与特点,并分析现有检测机制在处理这种攻击上的不足.最后,本文提出一种基于用户行为的检测机制,它利用Web挖掘的方法通过Web访问行为与正常用户浏览行为的偏离程度检测与过滤恶意的攻击请求,并通过应用层与传输层的协作实现对攻击源的隔离.
|
| 关 键 词: | 应用层 分布式拒绝服务攻击 异常检测 |
| 收稿时间: | 2006-12-12 |
| 修稿时间: | 12 12 2006 12:00AM |
Analysis and Defense for Application Layer DDoS Attacks in the Novel Network Environment |
| |
| Xie Yi,Yu Shunzheng.Analysis and Defense for Application Layer DDoS Attacks in the Novel Network Environment[J].Telecommunications Science,2007,23(1):89-93. |
| |
| Authors: | Xie Yi Yu Shunzheng |
| |
| Affiliation: | Department of Electrical and Communication Engineering, Sun Yat-Sen University, Guangzhou 510275, China |
| |
| Abstract: | Distributed denial of service (DDoS) attacks bring a very serious threat to the stability of Internet. DDoS attack methods and tools are becoming more sophisticated, effective and also more difficult to be traced. New forms of DDoS attacks on application layer cause current defense technologies working on TCP or IP level unable to withstand them, which makes a new challenge to the traditional anomaly detection techniques. In this paper, we discuss the rationale of application layer DDoS attacks and the disadvantages of current DDoS detection schemes in dealing with such attacks. At last, a new detection scheme focusing on application layer DDoS attacks defense based on user behavior is proposed. Filtering and blocking are also carried out for the malicious HTTP requests over the application level and TCP level. |
| |
| Keywords: | application level DDoS anomaly detection |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
