| At present, more and more industries tend to conduct business via the In-ternet whose characteristics is convenient, efficient and low cost. In particular, the emergence of cloud computing spend up the development of the Internet.However, due to the design flaws of the Internet and the immaturity of the cloud computing, the Internet is easily to be attacked by the hackers. With the development of the Internet, the losses of the network attack raises to billions of dollars every year. Denial of service attacks are the largest proportion of total attacks, it is characterized by easy operation, destructive, difficult to de-fense, etc. In recent years, the emergence of new forms of denial of service attack developed from the physical network to the cloud computing network, and there were no measures to deal with this new form of attack.Therefore, this paper completed the design and implementation of the attack blocking system for the physical and virtual combined network. The system combines a variety of denial of service attack prevention technolo-gy, through intrusion detection, attack path reconstruction, blocking decision-making and distributed filtering, can effectively block the denial of service at-tacks and other large-scale attacks in the two kinds of networks, while greatly reducing network overhead, which has a strong practical significance during the rapid development of cloud computing.The feature of this system is that the use of improved genetic algorithm to filter the blocking position, improving blocking efficiency; still be able to dy-namically optimize the filtering rules, and reduce the average matched latency of packets. In addtion, in the virtual network to distinguish the normal flow and attack flow by collecting characteristics of attack samples which can improve correct rate of blocking. Finally, the system has been thoroughly tested, and the results show that the system is able to block various types of denial of service attacks, greatly protecting the network security. |
PDF Full Text Request