计算机应用与软件
計算機應用與軟件
계산궤응용여연건
Computer Applications and Software
2015年
9期
299-302,309
,共5页
DDoS攻击%并行检测线程%Sketch矩阵%信息熵%动态阈值
DDoS攻擊%併行檢測線程%Sketch矩陣%信息熵%動態閾值
DDoS공격%병행검측선정%Sketch구진%신식적%동태역치
DDoS attack%Parallel detection thread%Sketch matrix%Information entropy%Dynamic threshold
由于单进程抓包检测分布式拒绝服务攻击(DDoS)方法,检测速度较慢,危害客户端的安全。针对这种情况,提出高速率单点局部异常检查算法。方法首先基于单点多线程抓包,然后,利用Sketch矩阵对网络信息参数(目的IP)压缩存储,计算压缩存储的信息、得出信息熵[1]和动态阈值,最后对熵值和动态阈值作比较,判断是否有异常发生。实验结果表明,检测系统的检测速度得到明显的提高,降低了攻击对客户端资源的危害性。实验数据表明该方法能够更快更准确地检测出网络信息的异常,为客户端预防攻击争取了时间。
由于單進程抓包檢測分佈式拒絕服務攻擊(DDoS)方法,檢測速度較慢,危害客戶耑的安全。針對這種情況,提齣高速率單點跼部異常檢查算法。方法首先基于單點多線程抓包,然後,利用Sketch矩陣對網絡信息參數(目的IP)壓縮存儲,計算壓縮存儲的信息、得齣信息熵[1]和動態閾值,最後對熵值和動態閾值作比較,判斷是否有異常髮生。實驗結果錶明,檢測繫統的檢測速度得到明顯的提高,降低瞭攻擊對客戶耑資源的危害性。實驗數據錶明該方法能夠更快更準確地檢測齣網絡信息的異常,為客戶耑預防攻擊爭取瞭時間。
유우단진정조포검측분포식거절복무공격(DDoS)방법,검측속도교만,위해객호단적안전。침대저충정황,제출고속솔단점국부이상검사산법。방법수선기우단점다선정조포,연후,이용Sketch구진대망락신식삼수(목적IP)압축존저,계산압축존저적신식、득출신식적[1]화동태역치,최후대적치화동태역치작비교,판단시부유이상발생。실험결과표명,검측계통적검측속도득도명현적제고,강저료공격대객호단자원적위해성。실험수거표명해방법능구경쾌경준학지검측출망락신식적이상,위객호단예방공격쟁취료시간。
Single-process capture detection method for distributed denial of service (DDoS)attacks is slow in detection rate and endangers the safety of clients.For this situation,we proposed the high-rate single-point local anomaly detection algorithm.The method is firstly based on the single-point multi-threaded capture,and then uses Sketch matrix to compress and store the parameters of network information (destination IP),calculates the compressed and stored information to obtain the information entropy[1 ] and dynamic threshold,finally the entropy and the dynamic threshold are compared to determine whether the anomaly occurs.Experimental results show that the detection speed of the detection system is significantly improved,and the harmfulness of the attack on client resources is decreased.Experimental data indicates that the method can be faster and more accurate in detecting the anomalies of network information,and this gains the time for clients in preventing attacks.
