计算机工程与应用 ›› 2009, Vol. 45 ›› Issue (33): 93-95.DOI: 10.3778/j.issn.1002-8331.2009.33.030

• 网络、通信、安全 • 上一篇    下一篇

基于漫游蜜罐的DDoS防御模型设计

厉章忠,王以刚   

  1. 东华大学 计算机科学与技术学院,上海 201620
  • 收稿日期:2008-07-02 修回日期:2008-10-10 出版日期:2009-11-21 发布日期:2009-11-21
  • 通讯作者: 厉章忠

Design of defense model based on roaming honeypot for DDoS attacks

LI Zhang-zhong,WANG Yi-gang   

  1. College of Computer Science and Technology,Donghua University,Shanghai 201620,China
  • Received:2008-07-02 Revised:2008-10-10 Online:2009-11-21 Published:2009-11-21
  • Contact: LI Zhang-zhong

PDF

摘要: 针对当前DDoS防御方法的不足,提出了一种基于漫游蜜罐的DDoS两阶段防御模型。该模型在第一阶段根据DDoS攻击的初期特征,建立简单高效的统计预警模型,并触发下一阶段防御;在第二阶段,应用秩和检验法自动选取检测特征,根据到重心的距离甄别合法与非法流,并对合法流进行漫游。实验结果表明,该模型能较早发现攻击,检测精度高,响应及时。

关键词: 漫游蜜罐, DDoS攻击, 秩和检验, 防御模型

Abstract: This paper proposes a two-phase model using roaming honeypot to prevent DDoS attacks due to the deficiency of present detection algorithms.In the first phase,in order to detect the attacks earlier and evoke the next phase,a simple and efficient statistical model is made in the probing stage of DDoS attacks.Then in the second phase,a set of effective detection characteristics is automatically chosen,using rank sum test,to compute distances from barycenter,which is able to differentiate between legal and illegal flows and prepare for roaming the legitimate flows timely.The experimental results show the effectiveness of the model in detecting and responding DDoS attacks.

Key words: roaming honeypot, DDoS attacks, rank sum test, defense model

中图分类号: 

京ICP备13024262号-1
Copyright © 《计算机工程与应用》编辑部
技术支持:北京玛格泰克科技发展有限公司
总访问量
今日访问
在线人数