| DDoS(Distributed Denial of Service) is a common malicious attacks. With the hiding and distributed attack, and it is not easy to detect and defend the DDoS. The DDoS has brought immeasurable loss in recent years. The research of detecting and defending the DDoS effectively is a important issue. Currently, a lot of job has been done for detecting and defending the DDoS, and some breakthroughs and progress have been made.Firstly, we introduce the network protocol, definition and principles of DoS. The architecture and the principle of DDoS are analyzed in detailed. We given a comprehensive and in-depth research on the attack methods, and get some comparison and summary. There are two way to detect the DDoS, feature detection and anomaly detection, which are introduced in this paper.The detection of DDoS has been proposed are focusing on corresponding type of attacks. During the attacking, if the way of attacking or the feature of the attacking packets have changed, the rate of detecting will decline, even failure to detect the attack. In order to detect dynamic DDoS attacks and fit the change of the attack, we introduce the cluster analysis and fuzzy theory. The fuzzy clustering is applied to detect the attacking packets. A schema of detecting the DDoS is proposed in this paper, in this schema, two fuzzy sets are built. When we analyze the income packets, the membership functions of packet to the fuzzy sets and the fuzzy similarity of the two sets are computed, which can be used to decide whether the packets is normal. When we detecting the packets, the fuzzy sets will be updated dynamically and ensure that the schema to adapt to the changes of the attack.The experiment proved that the method is effective for the DDoS attack. At the same time, the schema is self-adaptive and self-learning. Compared to the existing schema, this method can adapt to the changes of the attacks. |
PDF Full Text Request