Design And Implementation Of The Traffic Cleaning Management System Based On The Alarm

The improvement and development of DDos attack technique make ISP,ICP,IDC,ect network operators are faced with more and more security and operating challenges. Network Operators have to make the detections and cleanings for the traffic before the influence of DDos threaten the key business, and make sure the network could run and business develop in a normal and stable circumstance.At the same time,the detections and cleanings of the attack traffic could also become a kind of value added service which supplied by network operators to obtain the better users'satisfacations.The essence of DDos is making use of various service request to exhaust the system resource of attacked network, thereby making the attacked network could not deal with the requests of legal users. If we can reduce or restrain the requests which are sent by certain IP source, and make selective discard the data packet that come from that IP source, so we can decrease the network traffic, and control the network traffic in a certain scope of threshold level, to make sure the servers are in a healthy and stable motion, therefore defensing the DDos's attack effectively. A lot of industry experts do their researches about DDos's defensive research are based on this kind of thinkings.This dissertation refer to abnormal traffic cleaning system include 3 parts in all: abnormal traffic checkout device Probe, abnormal traffic cleaning device Guard, and abnormal traffic cleaning management system. It is also the emphasis part of dissertation to elaborated, it can defense the attack of DDos effectively, reduce the loss of the attack of DDos. Probe,Guard and management system form a unified unity mainly by correspond and interaction of SOP agreement, UDP agreement etc. Abnormal traffic detection device and abnormal flux cleaning device adopt the banner technique in this industry, such as"parallel traffic filtering","intelligent traffic detection"techniques etc. Traffic cleaning system could detect various attribute configurations of relevant threshold of level and issue relevant operating order for abnormal traffic detection device and monitor the traffic trend of the network constantly according to the specific circumstance of network. It will inform the abnormal traffic cleaning device and realize the rapid filtration for the attack traffic as soon as it discover the menace of DDos, thereby keep the metropoliatan area network, IDC etc away mass attack of DDos, and make the server which is protected would offer normal, steady and continuous service.