| With the fast development of the network,the world has come into theera of information.What isalmost unbelievable to us is to imagine a worldwithout the network. However, the network also encountered manythreats, and it is more difficult to detect these threats as well as to defendthem.This paper discusses a way to defend and detect the application DDoSattack based on the web servers. Its objection is to lower the threats to theapplication DDoS attack based on the web servers.As far as the DDoS attack is concerned, it includes mainly about theapplication DDoS attack and network DDoS attack. The threats caused bythe network DDoS attack has been lowered because there has been existsmany new solutions. Nowadays, the application DDoS attack has donethe greater harm to the safety of the network. This new attack way hasmore dangerous, because the application DDoS attack behaves the sameas the ordinary users do, which results that it is more difficult to defendthe application DDoS attack if we can not distinguish the abnormal andnormal behaviors at first stage.This paper discusses the principle of the DoS and DDoS, and alsodiscuss the attack way the network DDoS attack behaves, for example,SYN Flooding, IP Spoofing, Teardrop and so on, and discuss the traits ofthe network DDoS attack.Later, this paper discusses the application DDoS attack and thedifferences between network DDoS attack and application DDoS attack indetail. The application DDoS attack has three main ways, including request Flooding, Asymmetric attack and the low-speed attack. In essence,the most common attack way is the resource exhaust of the hosts.Because the HTTP protocol is the main communication protocol ofthe Web servers, so this paper focuses on the HTTP protocol so as tounderstand the process of the sessions between two different applicationlayers better.Nowadays, the application DDoS attack just focuses on the safety ofthe servers and drag the users into the blacklist once the users’ behaviorsare thought to be abnormal, so this paper posts up a defending way whichbalances the need of clients and the servers, and confirms whether theseuses are attackers or not by the way of identifying code, and permits theusers to access the servers with some restrictions if the clients has notreached the Threshold.Finally, we test the defending way by the tools of Httperf andAutobench, the test could be done under the circumstance of Lamp,Libpcap should be taken to capture the network packets, these tools cansimulate the application DDoS attack very well. And the results of the testhave proved that the defending way has good performance. |
PDF Full Text Request