
Research On DDoS Defense Techniques Based On Kalman Filter

Posted on: 2015-12-08
Degree: Master
Type: Thesis
Country: China
Candidate: G J Wu
GTID: 2308330473951801
Subject: Information security

Abstract/Summary:
Since the start of the 21st century, the Internet has developed rapidly and come into wide use. At the same time, network security issues increasingly affect people's lives, and the distributed denial of service (DDoS) attack is an important one among them. DDoS detection and DDoS defense techniques are often used to prevent DDoS attacks. However, the selection of detection features and the passive nature of defense have always been the two main challenges when facing DDoS attacks. What is wanted is a forward-looking, real-time, adaptive and active DDoS defense system. Focusing on these two problems and on the requirements of a DDoS defense system, we study the Kalman filtering algorithm and the SYN Flooding attack. This dissertation covers the following four aspects.

1. To address the challenges of DDoS attacks, we propose the "five way handshake" model. After studying the process of SYN Flooding attacks and the selection of features, we choose the RTT between host and server as the feature for detection and defense. The traditional "three way handshake" of a TCP connection is thereby converted into an active "five way handshake" defense process.

2. Based on the "five way handshake" process, we build a SYN Flooding defense model for known networks. We first apply Kalman filtering to the RTT between the known networks and the server in order to reduce random errors. Then, based on the filtered RTT, we perform detection and defense on TCP connections.

3. Based on the "five way handshake" process, we build a SYN Flooding defense model for unknown networks. We first apply the Affinity Propagation (AP) algorithm to divide the address space into subnets. By comparing each result with the previous clustering result, the division approaches the real case. In this way, unknown networks are transformed into known networks. We then build the Kalman filtering defense model as for known networks.

4. Based on Netfilter/iptables, we implement a prototype system for the Kalman defense model for unknown networks, and we test the system.
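
An added illustration of the second aspect (not code from the thesis): a scalar Kalman filter smooths the RTT measured for one known network, and a handshake whose RTT falls outside an innovation gate is flagged instead of being absorbed into the estimate. The random-walk model, the noise variances, the gate value and the sample RTTs are assumptions; the abstract does not give the thesis's parameters or decision rule.

```python
from dataclasses import dataclass


@dataclass
class RttKalman:
    """Scalar Kalman filter for one network's RTT, random-walk state model."""
    x: float             # filtered RTT estimate (ms)
    p: float = 100.0     # variance of the estimate (assumed initial value)
    q: float = 0.5       # process noise variance (assumed)
    r: float = 25.0      # measurement noise variance (assumed)
    gate: float = 9.0    # normalized squared-innovation limit, about 3 sigma (assumed)

    def update(self, z: float) -> bool:
        """Feed one measured RTT; return True if it fits this network."""
        p_pred = self.p + self.q      # predict: RTT unchanged, uncertainty grows
        s = p_pred + self.r           # innovation variance
        nu = z - self.x               # innovation (measurement minus prediction)
        if nu * nu / s > self.gate:
            # Inconsistent sample: flag it and keep it out of the estimate,
            # so a burst of bad handshakes cannot drag the baseline.
            self.p = p_pred
            return False
        k = p_pred / s                # Kalman gain
        self.x += k * nu
        self.p = (1.0 - k) * p_pred
        return True


# Constructed sample: handshake RTTs (ms) attributed to one network whose
# true RTT is about 40 ms, with two samples that do not match it.
SAMPLE_RTTS_MS = [42.0, 38.5, 41.0, 39.0, 40.5, 120.0, 41.5, 3.0, 39.5]


def classify(samples, initial_rtt_ms=40.0):
    """Return (per-sample verdicts, final filtered RTT) for one network."""
    kf = RttKalman(x=initial_rtt_ms)
    verdicts = [kf.update(z) for z in samples]
    return verdicts, kf.x


if __name__ == "__main__":
    verdicts, estimate = classify(SAMPLE_RTTS_MS)
    for z, ok in zip(SAMPLE_RTTS_MS, verdicts):
        print(f"rtt={z:6.1f} ms  {'accept' if ok else 'flag'}")
    print(f"filtered RTT: {estimate:.2f} ms")
```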
Keywords/Search Tags:DDoS attack, AP clustering algorithm, SYN Flooding attack, Kalman filter, Netfilter technique