Real-time Detecting Of DDoS Attacks Based On Spark-streaming

Posted on: 2018-11-06
Degree: Master
Type: Thesis
Country: China
Candidate: C Q Xu
GTID: 2348330536979624
Subject: Information security
Abstract/Summary:
With the rapid development of Big Data, its applications have become widespread, and how to analyze network security using Big Data has become a very popular topic. DDoS attacks have been one of the major threats to network security since they first appeared. Many security experts and scholars dedicated to maintaining networks have done a lot of fruitful work on detecting and defending against DDoS attacks. However, with the development of new technologies such as cloud computing, DDoS attacks are becoming an ever more serious problem for network security. To detect DDoS attacks on the TCP protocol quickly and accurately, this thesis proposes a scheme that uses the naive Bayes classification algorithm to detect DDoS attacks on a streaming platform whose computing core is Spark-streaming. First, we review the background knowledge of DDoS attacks, such as the principle of DDoS attacks and the main ways DDoS is used to attack networks, and summarize earlier research on detection and defense. To distinguish which events are DDoS attacks, we then focus on using the naive Bayes classification algorithm to analyze the headers of TCP packets. Next, we introduce the scheme for using a large data platform to deal with DDoS attacks. The scheme detects DDoS attacks at three levels: the collection layer, the reorganizing layer, and the processing layer. At the collection layer, the visited server uses the "tcpdump" command that comes with the Linux system to capture TCP packets. Flume sends the TCP packets to Kafka in the reorganizing layer; Kafka aggregates the TCP packets from Flume in a cache; we write and package a program containing the naive Bayes classification algorithm and submit it in batches to the Spark cluster for processing. Finally, this paper compares and tests the SYN-Flooding, Landing attack and RST reset attack. It is verified that the system has high real-time performance and accuracy.
Keywords/Search Tags: large data technology, DDoS attacks, TCP protocol, Spark-streaming, Flume, Kafka