基于流媒体服务DDoS攻击防范研究

分布式拒绝服务（Distributed Deny of Service,DDoS）攻击是目前最难解决的网络安全问题之一。在研究RTSP（Real-Time Streaming Protocol）协议漏洞基础上,提出一种有效防御流媒体服务DDoS攻击防御方案。该方案基于时间方差图法（Variance-TimePlots,VTP）,计算自相似参数Hurst值,利用正常网络流量符合自相似模型的特性来进行DDoS攻击检测,并综合采用黑白名单技术对流量进行处理。最后通过MATLAB仿真工具进行了模拟实验,并对结果进行了分析,在协议分析基础上能合理控制流量,使得DDoS攻击检测准确率、实时性高,目标流媒体服务器带宽和资源得到了有效保护。

Research on Defense of DDoS Attack against Streaming Media Service

Nowadays,Distributed？Denial of Service（DDoS） attack？becomes one of the？most intractable network security issues. Based on the vulnerability of？ RTSP（Real-Time Streaming Protocol） protocol,an effective defense scheme against DDoS attacks is proposed,which,based on VTP（Variance-Time Plots） method,calculates the self-similarity parameter Hurst for detecting DDoS attack according to the feature that the normal network flow should be in line with the self-similar model,and with black/white list technology,processes the anomalous flow. The simulation with MATLAB and the results analysis indicate that the proposed scheme could achieve reasonable control of the flow,is of high accuracy and real-time performance in DDoS attack detection,and realizes effective protection of bandwidth and resources of the target streaming media server.