计算机工程与应用 ›› 2011, Vol. 47 ›› Issue (6): 119-121.

• 网络、通信、安全 • 上一篇    下一篇

检测DRDoS攻击的新方法

贺 燕1,任平安1,2,马建峰2   

  1. 1.陕西师范大学 计算机科学学院,西安 710062
    2.西安电子科技大学 计算机科学学院,西安 710071
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2011-02-21 发布日期:2011-02-21

Novel detecting method for DRDoS attack

HE Yan1,REN Ping’an1,2,MA Janfeng2   

  1. 1.School of Computer Science,Shaanxi Normal University,Xi’an 710062,China
    2.School of Computer Science,Xidian University,Xi’an 710071,China
  • Received:1900-01-01 Revised:1900-01-01 Online:2011-02-21 Published:2011-02-21

摘要: 基于Hiroshima Tsunoda等人的简单回应包确认机制模型提出一个改进模型,增加了监视器,有利于对正常连接的响应,从而提高服务速度,匹配器的二次检测确保了异常包的检测率不变。假设回应包总数为n,当异常包的概率p<1-1/(20n)时该模型的时间复杂度优于原模型。

关键词: DRDoS, 攻击检测, 响应包数量, 时间复杂度

Abstract: Based on the simple response packet confirmation mechanism proposed by Hiroshima Tsunoda etc,this paper presents a novel model which adds a monitor to Hiroshima Tsunoda’s model in order to response normal connection well and to increase the speed of service,moreover detecting abnormal packet once again in comparator ensure the detection rate.Suppose the total response packet is n,when the rate of abnormal package is less than[1-1/(20n)],the time complexity of this model is less than that of Hiroshima Tsunoda’s model.

Key words: DRDoS, attack detection, response packet quantity, time complexity