公开(公告)号：US20120151593A1

公开(公告)日：2012-06-14

申请号：US13323050

申请日：2011-12-12

申请人： Kyoung-Soon KANG ,  Hak-Suh Kim ,  Boo-Geum Jung ,  Ki-Cheol Jeon ,  Byung-jun Ahn

发明人： Kyoung-Soon KANG ,  Hak-Suh Kim ,  Boo-Geum Jung ,  Ki-Cheol Jeon ,  Byung-jun Ahn

IPC分类号： G06F21/00

CPC分类号： H04L63/1458 ,  H04L41/142 ,  H04L43/026 ,  H04L43/0894 ,  H04L63/1425

摘要： Provided is a DDoS attack detection apparatus including an information collecting unit to collect DDoS detection information including rate information about traffic change, variation of a first type flow and a Packet Per Second (PPS) for a second type flow, in which the rate information about traffic change is obtained using packet count of packets input per a unit time, flow count of flows input per the unit time and the byte count of bytes input per the unit time; and a testing unit to calculate a probability of occurrence of the DDoS attack by use of a first probability determined by the rate information about traffic change, a second probability determined by the variation of the first type flow and a third probability determined by the PPS for the second type flow and detect occurrence of the DDoS attack based on the probability of occurrence of the DDoS attack.

摘要翻译： 提供了一种DDoS攻击检测装置，其包括：信息收集单元，用于收集关于流量变化的速率信息，第一类型流的变化和第二类型流的每秒包（Packet Per Second，PPS）的DDoS检测信息，其中关于 使用每单位时间输入的分组的分组计数，每单位时间输入的流量流量和每单位时间输入的字节数字获得流量变化; 以及测试单元，通过使用由关于业务变化的速率信息确定的第一概率来计算DDoS攻击的发生概率，由第一类型流的变化确定的第二概率和由PPS确定的第三概率，用于 根据DDoS攻击的发生概率，第二类流检测DDoS攻击的发生。

公开(公告)号：US20090073973A1

公开(公告)日：2009-03-19

申请号：US12156333

申请日：2008-05-29

申请人： Bup-joong Kim ,  Hak-suh Kim ,  Byung-jun Ahn

发明人： Bup-joong Kim ,  Hak-suh Kim ,  Byung-jun Ahn

IPC分类号： H04L12/56

CPC分类号： H04L49/901 ,  H04L49/90 ,  H04L63/0227 ,  H04L67/12

摘要： A router having a black box function capable of storing a data block of a specific node or node group in a network, and a network system including the router are provided. The router includes: a black box memory storing node data; at least one packet preprocessor selecting and processing a data packet required to be stored in a black box from node data transferred via a wired/wireless transmission medium; a data storage storing the node data transferred through the packet preprocessor in the black box memory; a data reader reading corresponding node data in response to a node data transfer request from an external device; and a data transmitter processing the node data read by the data reader in the form of a packet and transferring the packet to the external device.

摘要翻译： 具有能够存储网络中的特定节点或节点组的数据块的黑匣子功能的路由器和包括路由器的网络系统。 路由器包括：存储节点数据的黑盒存储器; 至少一个分组预处理器从经由有线/无线传输介质传送的节点数据中选择和处理需要存储在黑盒中的数据分组; 数据存储器，存储通过黑盒存储器中的分组预处理器传送的节点数据; 数据读取器响应于来自外部设备的节点数据传送请求读取相应的节点数据; 数据发送器以数据包的形式处理由数据读取器读取的节点数据，并将数据包传送到外部设备。