期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

新网络环境下应用层DDoS攻击的剖析与防御 被引量:15

Analysis and Defense for Application Layer DDoS Attacks in the Novel Network Environment
下载PDF
导出
摘要 针对新网络环境下近两年新出现的应用层分布式拒绝服务攻击,本文将详细剖析其原理与特点,并分析现有检测机制在处理这种攻击上的不足。最后,本文提出一种基于用户行为的检测机制,它利用Web挖掘的方法通过Web访问行为与正常用户浏览行为的偏离程度检测与过滤恶意的攻击请求,并通过应用层与传输层的协作实现对攻击源的隔离。 Distributed denial of service (DDoS) attacks bring a very serious threat to the stability of Intemet. DDoS attack methods and tools are becoming more sophisticated, effective and also more difficult to be traced. New forms of DDoS attacks on application layer cause current defense technologies working on TCP or IP level unable to withstand them, which makes a new challenge to the traditional anomaly detection techniques. In this paper, we discuss the rationale of application layer DDoS attacks and the disadvantages of current DDoS detection schemes in dealing with such attacks. At last, a new detection scheme focusing on application layer DDoS attacks defense based on user behavior is proposed. Filtering and blocking are also carried out for the malicious HTTP requests over the application level and TCP level.
作者 谢逸 余顺争
机构地区 中山大学电子与通信工程系
出处 《电信科学》 北大核心 2007年第1期89-93,共5页 Telecommunications Science
基金 国家自然科学基金资助项目(No.90304011) 广东省自然科学基金资助项目(No.04009747) 高等学校博士学科点专项科研基金资助项目(No.20040558043) 珠海市科技计划资助项目(No.PC20041100)
关键词 应用层 分布式拒绝服务攻击 异常检测 application level, DDoS, anomaly detection
分类号 TP393.08 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献14

  • 1Christos Douligeris,Aikaterini Mitrokotsa.DDoS attacks and defense mechanisms:classification and state-of-the-art.Computer Networks,2004,44(5):643~666 被引量:1
  • 2Cabrera J B D,Lewis L,Qin X,et al.Proactive detection of distributed denial of service attacks using MIB traffic variables a feasibility study.In:Proceeding of the IEEE/IFIP International Symposium on Integrated Network Management,Seattle,WA,USA,May 2001 被引量:1
  • 3Cheng Jin,Haining Wang,Shin K G.Hop-count filtering:an effective defense against spoofed traffic.In:Proceedings of the 10th ACM Conference on Computer and Communications Security (CCS 2003),Washington,DC,USA,October 2003 被引量:1
  • 4Yoohwan Kim,Wing Cheong Lau,Mooi Choo Chuah,et al.PacketScore:statistics-based overload contril against distributed denial-of-service attacks.In:Proceedings of IEEE INFOCOM,Hong Kong,China,March 2004 被引量:1
  • 5Yu Chen,Kai Hwang,Yu-Kwong Kwok.Filtering of shrew DDoS attacks in frequency domain.In:Proceedings of the 30th Conference on Local Computer Networks(LCN),Sydney,Australia,November 2005 被引量:1
  • 6Ranjan S,Swaminathan R,Uysal M,et al.DDoS-resilient scheduling to counter application layer attacks under imperfect detection.In:Proceedings of IEEE INFOCOM,Barcelona,Spain,April 2006 被引量:1
  • 7Kandula S,Katabi D,Jacob M,et al.Botz-4-sale:surviving organized DDoS attacks that mimic flash crowds.Technical Report TR-969,MIT,2004 被引量:1
  • 8Common Vulnerabilities and Exposures,http://www.cve.mitre.org/,2005 被引量:1
  • 9Ismail Ari,Bo Hong,Ethan L,et al.Modeling,analysis and simulation of flash crowds on the Internet.Technical Report UCSC-CRL-03-15.Storage Systems Research Center,Jack Baskin School of Engineering University of California,Santa Cruz,CA,Feb 2004 被引量:1
  • 10JungJ,Krishnamurthy B,Rabinovich M.Flash crowds and denial of service attacks:characterization and implications for CDNs and Web sites.In:Proceeding of the 11th IEEE Intemational World Wide Web Conference,Honolulu,Hawaii,May 2002 被引量:1

二级参考文献10

  • 1Anand S S, Patrick A R, Hughes J G. A data mining methodology for cross-sales. Knowledge Based Systems Journal, 1998,10(7):449~461 被引量:1
  • 2Park J S, Chen M S, Yu P S. Using A hash-based method with transaction trimming for mining association rules. IEEE Transactions on Knowledge and Data Eng., 1997, 9(5):813~825 被引量:1
  • 3Bfichner A G, Baumgarten M, Artand S S. Navigation pattern discovery from internet data. In: Proceedings of the 5th ACM International Conference on Knowledge Discovery and Data Mining (WEBKDD′99 Workshop) (SIGKDD′99), New York, 1999.25~30 被引量:1
  • 4Srikant R, Agrawal R. Mining generalized association rules. In: Proceedings of the 21st International Conference Very Large DataBase, Switzerland, 1995. 407~419 被引量:1
  • 5Srikant R, Agrawal R. Mining quantitative association rules in large relational tables. In: Proceedings of the ACM SIGMOD, Canada, 1996.1~12 被引量:1
  • 6Yang D L, Yang S H, Hong M C. An efficient web mining for session path patterns. In: Proceedings of International Computer Symposium 2000, Workshop on Software Eng. and Database Systems, Taiwan, 2000. 107~113 被引量:1
  • 7Brin S, Motwani R, Silverstein C. Beyond market baskets: Generalizing association rules to correlations. In: Proceedings of the ACM SIGMOD, Canada, 1996.255~276 被引量:1
  • 8Savasere A, Omiecinski E, Navathe S. Mining for strong negative associations in a large database of customer transactions. In: Proceedings of the International Conference Data Engineering, Florida, 1998. 494~502 被引量:1
  • 9Chen M S, Park J S, Yu P S. Data mining for path traversal patterns in a Web environment. In: Proceedingss of the 16th International Conference on Distributed Computing Systems, Hong Kong, 1996. 385~392 被引量:1
  • 10Mobasher B, Srivastava J. Data preparation for mining world wide web browsing patterns. Knowledge and Information System, 1999, 1(1):5~32 被引量:1

共引文献86

同被引文献54

引证文献15

二级引证文献11

电信科学
2007年 第1期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部