DDoS attacks are famous for their easy attacking way and good effects. There are a lot of security productors which have the ability of detecting and filter DDoS attack traffics as far, DDoS attacks stand aside the firewall or IDS by IP Spoofing or simulating normal network activity. And DDoS attacks send large packets to targets, the firewall and IDS spend large network bendwidth and system resource to deal with mass useless packets, these security productors maybe broken down. So how to pretect our network from DDoS attacks is the most import thing of network security and the first thing is detecting them.First, this paper summed up and anlysised the theory of DDoS attack and kinds of classical Flooding attack. Introduced the definition of intrusion detection(ID), ID categorize, ID technology and the standard of evaluating. Choosed intention of traffic, symmetry of traffic, distritution of protocol and anomaly packets as traffic characters based on DDoS... |