发明申请
- 专利标题: DISTRIBUTED DENIAL OF SERVICE ATTACK DETECTION APPARATUS AND METHOD, AND DISTRIBUTED DENIAL OF SERVICE ATTACK DETECTION AND PREVENTION APPARATUS FOR REDUCING FALSE-POSITIVE
- 专利标题(中): 分布式服务攻击检测装置和方法,以及分布式服务攻击检测和防止装置降低假阳性
-
申请号: US13323050申请日: 2011-12-12
-
公开(公告)号: US20120151593A1公开(公告)日: 2012-06-14
- 发明人: Kyoung-Soon KANG , Hak-Suh Kim , Boo-Geum Jung , Ki-Cheol Jeon , Byung-jun Ahn
- 申请人: Kyoung-Soon KANG , Hak-Suh Kim , Boo-Geum Jung , Ki-Cheol Jeon , Byung-jun Ahn
- 申请人地址: KR Daejeon
- 专利权人: Electronics and Telecommunications Research Institute
- 当前专利权人: Electronics and Telecommunications Research Institute
- 当前专利权人地址: KR Daejeon
- 优先权: KR10-2010-0127006 20101213
- 主分类号: G06F21/00
- IPC分类号: G06F21/00
摘要:
Provided is a DDoS attack detection apparatus including an information collecting unit to collect DDoS detection information including rate information about traffic change, variation of a first type flow and a Packet Per Second (PPS) for a second type flow, in which the rate information about traffic change is obtained using packet count of packets input per a unit time, flow count of flows input per the unit time and the byte count of bytes input per the unit time; and a testing unit to calculate a probability of occurrence of the DDoS attack by use of a first probability determined by the rate information about traffic change, a second probability determined by the variation of the first type flow and a third probability determined by the PPS for the second type flow and detect occurrence of the DDoS attack based on the probability of occurrence of the DDoS attack.
公开/授权文献
信息查询
