Reasearch And Implementation Of Application Layer DDoS Attack Defense System Based On User Score

Today, DDoS attacks have become one of the most serious threats to Internet service providers, and with the progress of network security technology, network layer DDoS attacks have been effectively restrained,the attacker will attack the target transfer to the application layer, at this stage have the greatest threat to the network is the application layer DDoS attack. Although the researchers have made a lot of research results, but there are still many problems, such as poor detection efficiency, poor user experience, lack of practicality and so on.In this paper, the user score mechanism is proposed based on a new application layer DDoS attack detection algorithm, and the principle of statistics server burst and DDoS attack in two states were distinguished,the design and implementation of a high detection efficiency and user experience more friendly, more practical application layer DDoS attack defense system in algorithm on.The main study results are as follows: (1) According to the application layer DDoS attack and normal user access long-term habits and flow characteristics of the different proposed to describe a IP daily browsing behavior is often based on application layer DDoS attack detection model of user ratings, analyze the score through custom records and the flow characteristics of long term access to the source IP address, can effectively determine the reliability of IP. (2) According to the similarity between the burst current and DDoS attack, a statistical algorithm is proposed, which can be used to distinguish the complex network environment. The experimental results show that the algorithm can effectively improve the detection rate of application layer DDoS attacks, reduce false alarm rate and greatly improve the user experience.Finally, the algorithm mentioned in this paper are implemented, the specific module design and interactive function of the system, and carried on the test of the system in a simulated environment, by analyzing and processing the experiment data collected can be proved through the system, can effectively detect and defend the application layer DDoS attack mitigation the pressure on the server, to eliminate the threat.