| Nowadays Distribute Denial Of Service (DDoS) become to be one of the greatest troubles in Network .Security. seem to be no substantial improvement in anti-DDoS research on attack prevting, detecting&retorting yet,nor did any efective or nicety method appear to predict the DDoS attack in time .DDoS attack detection and defending is one of the frontiers in the field of Network security.The traditional Detecting DDoS method detects the DDoS based on matching the signature of the ateks, but it is not appropriate for detection of the DDoS attack based on network. In present dissertation, we analyze the statistical characteristic of the real network traffic, experiment the DDoS attack, and measure the change of the statisticalcha racteristic brought by the attacks. We do researches on constructing normal model of network traffic, analysizing Self-Similarity of network traffics-Hurst Parameter, and its time variable function H(t). Experimental analysis confirmed the validity of the novel mechanism,limiting the extent of network traffic in time and detecting the DDoS attack through measuring the change of H Parameter brought by the attacks.Moreover we use Database to refine the DDoS attack.All these results indicate that statistical analysis based on the network trafic can detected DDoS atack and is more reliable on the recongnition of kinds of DDoS attack than any other traditional method base on character recognition. |
PDF Full Text Request