摘要
设计并实现了1种基于小波变换的DDoS(分布式拒绝服务)攻击快速在线检测器.采用自定义的Socket方式进行在线数据包捕获,采用链表形式的数据包特征库进行数据特征存储,利用小波变换求解自相似系数在线检测DDoS攻击.试验结果表明,该设计可以快速区分DDoS攻击与正常大流量数据,并可有效检测出非知名DDoS攻击工具发起的攻击.
A fast online detection method aiming at DDoS(distributed denial of service) attack detection based wavelet transform was presented. The user-defined Socket method was adopted to capture network packets, the linked-list packets character library was responsible for keeping packets, and DDoS attack was detected online based on changes in the characteristic of network self-similarity which was estimated by using the real-time wavelet transform. The experiment results show that the detection can distinguish real DDoS attack from the massive data flow, and can effectively detect DDoS attack launched by unknown DDoS tools fast.
出处
《北京邮电大学学报》
EI
CAS
CSCD
北大核心
2007年第3期122-125,共4页
Journal of Beijing University of Posts and Telecommunications
基金
国家自然科学基金项目(6057314170271050)
国家"863计划"项目(2006AA01z438)
南京市高科技项目(2006软资105)
现代通信国家重点实验室基金项目(9140C1101010603)
江苏省计算机信息处理技术重点实验室基金项目(kjs050001kjs0606)
