DRDoS attack detection and mitigation method based on feature analysis and online clustering

The invention discloses a DRDoS attack detection and mitigation method based on feature analysis and online clustering, and belongs to the field of computer network security. The method comprises the following steps of: designing network flow characteristics which are to be extracted and reflect a d...

Full description

Saved in:
Bibliographic Details
Main Authors LI XINMENG, TANG DAN
Format Patent
LanguageChinese
English
Published 07.05.2024
Subjects
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online AccessGet full text

Cover

More Information
Summary:The invention discloses a DRDoS attack detection and mitigation method based on feature analysis and online clustering, and belongs to the field of computer network security. The method comprises the following steps of: designing network flow characteristics which are to be extracted and reflect a data packet chaos degree and a bidirectional flow multiple relation, extracting the characteristics at an edge programmable switch, judging a network state and positioning a victim IP (Internet Protocol) through characteristic analysis, and reducing Hash collision by using a conservative update sketch and a counting minimum sketch; the programmable switch reports information of a data packet sent to a victim IP to the controller by using digest, the controller performs online clustering on the data packet based on the reported packet information, the online packet clustering is performed periodically, and the cluster number is not fixed; and the controller divides attack clusters according to a clustering result, fo
Bibliography:Application Number: CN202410147896