Anomaly Detection for Application-Layer Flooding Attacks  Cited by: 6

A Model for Detecting Application Layer Flooding Attacks


Authors: Xie Yi (谢逸)[1], Yu Shunzheng (余顺争)[1]

Affiliation: [1] Department of Electronics and Communication Engineering, Sun Yat-sen University

Source: Computer Science (《计算机科学》), 2007, No. 8, pp. 109-111 (3 pages)

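Funding: Supported by the National Natural Science Foundation of China (90304011), the Natural Science Foundation of Guangdong Province (04009747), and the Specialized Research Fund for the Doctoral Program of Higher Education (20040558043)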

Abstract: Recent trends show that distributed denial-of-service attacks have gradually moved from the lower layers toward the application layer, where they are more effective and stealthier than traditional attacks. To detect flooding attacks launched with legitimate application-layer HTTP requests, this paper treats an application-layer flooding attack as a form of anomalous user access behavior and performs attack detection from the perspective of user browsing behavior. Experiments on real network traffic show that the model can effectively measure how normal a Web user's access behavior is and detect application-layer DDoS flooding attacks.

Distributed Denial of Service (DDoS) attacks are typically carried out at the network layer. However, there is evidence to suggest that application layer DDoS attacks can be more effective than the traditional ones. A sophisticated attack using legitimate application layer HTTP requests from legitimately connected network machines to overwhelm a Web server is discussed. A counter-mechanism based on Web user browsing behavior is proposed to protect the servers from these attacks. In contrast to prior works, a Hidden semi-Markov Model is explored to describe the browsing behaviors of Web users and to implement the anomaly detection for the application layer flooding attacks. By conducting an experiment with real traffic data, the model shows that it is effective in measuring the user behaviors and detecting the application layer flooding attacks.

Keywords: application layer; flooding attack; anomaly detection

Classification: TP393.08 [Automation and Computer Technology: Computer Application Technology]

 
