DISTRIBUTED DENIAL OF SERVICE ATTACK DETECTION APPARATUS AND METHOD, AND DISTRIBUTED DENIAL OF SERVICE ATTACK DETECTION AND PREVENTION APPARATUS FOR REDUCING FALSE-POSITIVE
    1.
    Patent application
    DISTRIBUTED DENIAL OF SERVICE ATTACK DETECTION APPARATUS AND METHOD, AND DISTRIBUTED DENIAL OF SERVICE ATTACK DETECTION AND PREVENTION APPARATUS FOR REDUCING FALSE-POSITIVE (in force)

    Publication No.: US20120151593A1

    Publication date: 2012-06-14

    Application No.: US13323050

    Filing date: 2011-12-12

    IPC classification: G06F21/00

    Abstract: Provided is a DDoS attack detection apparatus including an information collecting unit to collect DDoS detection information including rate information about traffic change, variation of a first type flow and a Packet Per Second (PPS) for a second type flow, in which the rate information about traffic change is obtained using packet count of packets input per a unit time, flow count of flows input per the unit time and the byte count of bytes input per the unit time; and a testing unit to calculate a probability of occurrence of the DDoS attack by use of a first probability determined by the rate information about traffic change, a second probability determined by the variation of the first type flow and a third probability determined by the PPS for the second type flow and detect occurrence of the DDoS attack based on the probability of occurrence of the DDoS attack.


    Distributed denial of service attack detection apparatus and method, and distributed denial of service attack detection and prevention apparatus for reducing false-positive
    2.
    Granted patent
    Distributed denial of service attack detection apparatus and method, and distributed denial of service attack detection and prevention apparatus for reducing false-positive (in force)

    Publication No.: US08677488B2

    Publication date: 2014-03-18

    Application No.: US13323050

    Filing date: 2011-12-12

    IPC classification: H04L29/06

    Abstract: Provided is a DDoS attack detection apparatus including an information collecting unit to collect DDoS detection information including rate information about traffic change, variation of a first type flow and a Packet Per Second (PPS) for a second type flow, in which the rate information about traffic change is obtained using packet count of packets input per a unit time, flow count of flows input per the unit time and the byte count of bytes input per the unit time; and a testing unit to calculate a probability of occurrence of the DDoS attack by use of a first probability determined by the rate information about traffic change, a second probability determined by the variation of the first type flow and a third probability determined by the PPS for the second type flow and detect occurrence of the DDoS attack based on the probability of occurrence of the DDoS attack.
