| Nowadays Distributed Denial of Service (DDoS) attack has become to be one of the greatest troubles in Network Security. There seem to be no substantial improvement in anti-DDoS research on attack defending, detecting and retorting yet, nor did any effective or nicety method appear to predict the DDoS attack in time. The detection and defending of DDoS attack is one of the frontiers of Network Security.The traditional Detecting DDoS method detects the DDoS attack based on matching the signature of the attack, but it is not appropriate for detecting the DDoS attack based on network. In present dissertation, we analyze the statistical characteristic of the real network traffic, experiment the DDoS attack, and measure the change of the statistical characteristic brought by the attack. We do researches on constructing normal model of network traffic, analysizing Self-Similarity of network traffic-Hurst Parameter, and its time variable function H (t). Experimental analysis confirmed the validity of the novel mechanism, limiting the extent of network traffic in time and detecting the DDoS attack through measuring the change of H Parameter brought by the attack. All these results indicate that statistical analysis based on the network traffic can detect the DDoS attack and is more reliable on the recognition of kinds of DDoS attack than any other traditional method based on the character recognition.The systematic investigation of defending the DDoS attack is also made.We bring forward and implements several mechanism defending the DDoS attack, such as Netfilter and Pushback.We form a complete solution of detection and defending the DDoS attack. |
PDF Full Text Request