| 一种运用限幅自相似性的新型DDoS入侵检测机制 |
| |
| 引用本文: | 罗光春,卢显良,薛丽军.一种运用限幅自相似性的新型DDoS入侵检测机制[J].计算机科学,2004,31(3):80-85. |
| |
| 作者姓名: | 罗光春 卢显良 薛丽军 |
| |
| 作者单位: | 电子科技大学信息中心,成都,610054 |
| |
| 基金项目: | 国家九七三(项目号973-1-4-2),电子科技大学青年基金支持 |
| |
| 摘 要: | 本文提出了一种新型的DDoS入侵检测方法,在建立正常网络流量模型基础上,对网络流量的自相似性-Hurst参数、Hurst参数的时变函数H(t)进行分析,对网络流量进行实时限幅,由自相似性的变化来预测DDoS攻击,并用数据库对攻击定住。试验表明基于网络流量的统计分析方法能够在一定程度上检测出DDoS攻击,比传统的基于特征匹配的DDoS入侵检测方法,在实时性、准确率上有较大提高。
|
| 关 键 词: | 计算机网络 网络安全 入侵检测系统 DDoS 网络流量 限幅自相似性 |
A Novel Mechanism of DDoS Intrude Detection Based on Setting a Limit and Self-Similarity |
| |
| LUO Guang-Chun LU Xian-Liang XUE Li-Jun.A Novel Mechanism of DDoS Intrude Detection Based on Setting a Limit and Self-Similarity[J].Computer Science,2004,31(3):80-85. |
| |
| Authors: | LUO Guang-Chun LU Xian-Liang XUE Li-Jun |
| |
| Abstract: | This paper presents a novel mechanism of DDoS Intrude Detection. We do researches on constructing normal model of network traffic, analysizing Self-Similarity of network traffics-Hurst Parameter, and its time variable function H(t). Through limiting the extent of network traffic in time, we measure the change of H Parameter brought by DDoS attack. Moreover we use Distributed Database to refine the DDoS attack. As it shown by the research result, this statistical analysis method can detect DDoS attack and is more reliable on the recognition of kinds of DDoS attack than any other traditional method based on character recognition- |
| |
| Keywords: | Intrude detection DDoS Self-similarity |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
点击此处可从《计算机科学》下载全文 |
