Location:Home > Engineering science > Information and Communication Engineering > Research on Defencing Real Source Address DDoS Attack

Research on Defencing Real Source Address DDoS Attack

Downloads: []
Tutor: KangSongLin
School: Central South University
Course: Information and Communication Engineering
Keywords: DDoS,reputation value,buffer queue,overflowmanagement,controllable sliding extra
CLC: TP393.08
Type: Master's thesis
Year:  2012
Facebook Google+ Email Gmail Evernote LinkedIn Twitter Addthis

not access Image Error Other errors

DDOS attack is a simple and efficient computer network attack and is also a major threat to nowadays Internet security. There are endless network security incidents caused by DDoS attacks. In order to get detect defense methods, many researchers have done a lot of research, but at the same time, its attack methods and tools are constantly upgrading. Traditional DDoS attacks occur at the network layer and the transport layer. It initiates attacks usually by taking advantage of the vulnerability of the TCP/IP protocol or some software defects. There has been a new type of DDoS attacks in recent years. It attacks mainly a variety of high-level application, which occurrs mainly in the application layer. So we call it application layer DDoS. The new type of attack has more destructive and is more difficult to be detected and defense.The paper does in-depth analysis on traditional DDOS attacks, and at the same time does elaboration and summarization on the the representative detection and prevention technology. The paper bases on the credibility of the value of defense collaboration model and proposes an improved scheme of the real source address of the application layer DDoS attacks. The program monitors a general feature of the server from DDoS attacks which shows the high memory usage, high CPU usage, or bandwidth congestion. In order to access the data stream from the serial-to-parallel conversion, the program vias the network server downlink packet depositing correspondly the cached queue on the basis of the IP address and extracting with a sliding window, and uses buffer overflow management mechanism to block attack traffic in a timely manner. The simulation test compares the improved model and the original model. The result shows that the improved model can compensate effectively for the deficiencies of the original model in the detection defense.
Related Dissertations
Last updated
Sponsored Links
Home |About Us| Contact Us| Feedback| Privacy | copyright | Back to top