
The Research And Design Of Detection Method Of DDoS Attack Based On Data Mining

Posted on: 2007-12-27
Degree: Master
Type: Thesis
Country: China
Candidate: X Shen
Full Text: PDF
GTID: 2178360212475833
Subject: Computer application technology
Abstract/Summary:
Distributed Denial of Service (DDoS) attacks present an immense threat to the Internet. They engage the power of a vast number of coordinated Internet hosts to consume some critical resource at the target and deny the service to legitimate clients. As a side effect, they frequently create network congestion on the way from the source to the target. The use of legitimate packets for the attack and the varying of packet fields prevent characterization and filtering of the attack streams, and existing security mechanisms do not provide effective defense against these attacks. The distributed nature of the attacks calls security and authentication of participants incur high cost.

This paper designs a framework that can detect DDoS attacks. The main achievements in this paper include:

(1) Analyze the principles of DDoS attacks and typical attack tools, and study and compare several detection models.
(2) Introduce several data mining techniques, explain two classic data mining algorithms, Apriori and DHP, and identify some problems that should be resolved. Improve the DHP algorithm; the improved algorithm is named DHPP.
(3) Propose a Global-Clustering algorithm to preprocess the packets, to reduce the quantity of continuous data.
(4) Adopt WinPcap to capture original network packets. Implement a dual-layer filter array method for client and server.
(5) Design a DDoS attack detection system based on an association rule mining algorithm, implement the system in Visual C++, and test it with the NS-2 system.
Keywords/Search Tags:Distributed Denial of Service, Associate Rule Mining, Global clustering, Decision Tree