A Research Of DDOS Attack And Response Mechanism

The 21st century is the information age, people have become accustomed to get the required information from the Internet. The relation between people and Internet are more and more closing, so people in the Internet security requirements are increasingly high. DDOS attack is one of the most dangerous threaten on the Internet. As minor as, it can prevent legitimate user to provide normal service. An major as, it can paralyze the entire Internet.At present, many network security companies or research institutes have put forward DOS/DDOS defense solution. Entry-level DDOS attack methods such as:TCP SYN FLOOD etc, have been very difficult to pose a thread. It is necessary to research more subtle DDOS attack method and DDOS response algorithm.At first, this paper describes the definition of the network protocol blocking DOS attack, and tools of reproduction the network blocking DOS attack. The second, we detailed analyze the link layer and transport layer networking protocol, to find out network vulnerability, and we take advantage of network protocol analysis and network protocol reverse engineering, extracting Yahoo Messenger, MSN Messenger, ICQ, SOQ, SMTP protocol, POP3 protocol characteristic string. The third, taking full account of the softwares' ease of use, robustness and scalability of the circumstances, we design and implement the network protocol blocking DOS attack software, and represent the network protocol blocking DOS attack. The last, basing on analysis of abnormal traffic of the DOS attacks, design the response algorithm. According to DOS response algorithm, we implement the network protocol blocking DOS response software. Combined with the network protocol blocking DOS attack and the network protocol blocking DOS response software test the DOS response algorithm. Result show that the algorithm is able to accurately respond to discovery the network protocol blocking DOS attack, and achieve the desired objectives.Finally, this paper makes a conclusion to the network protocol blocking DOS attack and points out its advantage and possible improvable aspects and at last describes the prospect of DOS response mechanism.