Research On Detection And Defense To DDoS Attack

Defending against Distributed Denial of Service attacks is one of the hardest security problems on the Internet today.So, doing research on DDoS attacks and their countermeasures is very important. Many researchers did a lot of research on DoS and DDoS attack and proposed some constructive countermeasures. The paper researches the solution to DDoS according to general theory of statistics.In this paper, the theory,mechanism, methods of and countermeasures to DDoS attacks are reviewed and the research of relational documents is introduced. The problem of validity and accuracy on the detection and defense at the present stage is pointed out. In order to solve the problem, multivariate statistical analysis is introduced in the paper. Multivariate statistical analysis is a branch evolving from classic statistics. It can analyze the statistical regularity of multi-object and multi-index on condition that they are releted. Multivariate statistical analysis is used for detection and defense to DDoS attacks perfectly although its application in network analysis is very extensive. So the intelligent detecting algorithm to DDoS attacks based on multivariate statistical analysis is researched in this paper. The algorithm is introduced detailedly, and especially the key of algorithm that is selection and process of the parameters on the characters of DDoS attacks is pointed out in the paper.To the question, two kinds of solution is given and releted algorithm is optimized in the paper. One of two kinds of solution is the algorithm based on entropy which processes the characteristic of attacks traffic according to the theory on information entropy. The experiment shows the distinct classification of normal traffic and attacks traffic and reach of the optimizing the algorithm. The other one is detection algorithm based on characteristic parameters. It analyzes the feature of DDoS attacks and and summarize the universal feature of DDoS attacks. After that, the characteristic parameters, which is regarded as the key parameters used for distinguishing mormal traffic and attacks traffic, are extracted by mathematical treatment. The experiment shows that the algorithm distinguishes normal traffic and attacks traffic and can improve the accuracy on the detection effectively.Finally, a summary is given and the future research directions are also pointed out.