CN103095711A - Application layer distributed denial of service (DDoS) attack detection method and defensive system aimed at website - Google Patents
Application layer distributed denial of service (DDoS) attack detection method and defensive system aimed at website Download PDFInfo
- Publication number
- CN103095711A CN103095711A CN2013100187988A CN201310018798A CN103095711A CN 103095711 A CN103095711 A CN 103095711A CN 2013100187988 A CN2013100187988 A CN 2013100187988A CN 201310018798 A CN201310018798 A CN 201310018798A CN 103095711 A CN103095711 A CN 103095711A
- Authority
- CN
- China
- Prior art keywords
- sequence
- user
- website
- application layer
- page
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000001514 detection method Methods 0.000 title claims abstract description 28
- 238000012549 training Methods 0.000 claims abstract description 16
- 238000004422 calculation algorithm Methods 0.000 claims abstract description 9
- 238000005295 random walk Methods 0.000 claims description 28
- 239000011159 matrix material Substances 0.000 claims description 18
- 230000007704 transition Effects 0.000 claims description 14
- 230000007123 defense Effects 0.000 claims description 9
- 230000005856 abnormality Effects 0.000 claims description 8
- 238000012545 processing Methods 0.000 claims description 5
- 238000003064 k means clustering Methods 0.000 claims description 4
- 238000004364 calculation method Methods 0.000 claims description 2
- 238000000034 method Methods 0.000 abstract description 17
- 238000010586 diagram Methods 0.000 description 7
- 230000006399 behavior Effects 0.000 description 6
- 238000005516 engineering process Methods 0.000 description 2
- 238000000205 computational method Methods 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
- 238000013508 migration Methods 0.000 description 1
- 230000005012 migration Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 238000007619 statistical method Methods 0.000 description 1
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Description
Claims (5)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310018798.8A CN103095711B (en) | 2013-01-18 | 2013-01-18 | A kind of application layer ddos attack detection method for website and system of defense |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310018798.8A CN103095711B (en) | 2013-01-18 | 2013-01-18 | A kind of application layer ddos attack detection method for website and system of defense |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103095711A true CN103095711A (en) | 2013-05-08 |
CN103095711B CN103095711B (en) | 2016-10-26 |
Family
ID=48207844
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201310018798.8A Active CN103095711B (en) | 2013-01-18 | 2013-01-18 | A kind of application layer ddos attack detection method for website and system of defense |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103095711B (en) |
Cited By (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103810241A (en) * | 2013-11-22 | 2014-05-21 | 北京奇虎科技有限公司 | Filtering method and device for low-frequency clicks |
CN104901971A (en) * | 2015-06-23 | 2015-09-09 | 北京东方棱镜科技有限公司 | Method and device for carrying out safety analysis on network behaviors |
CN105510971A (en) * | 2016-02-18 | 2016-04-20 | 福建师范大学 | Seismic data abnormality detection method based on random walk |
CN105592070A (en) * | 2015-11-16 | 2016-05-18 | 中国银联股份有限公司 | Application level DDoS defense method and system |
CN105812280A (en) * | 2016-05-05 | 2016-07-27 | 四川九洲电器集团有限责任公司 | Classification method and electronic equipment |
CN106209861A (en) * | 2016-07-14 | 2016-12-07 | 南京邮电大学 | A kind of based on broad sense Jie Kade similarity coefficient Web application layer ddos attack detection method and device |
CN106330852A (en) * | 2015-07-06 | 2017-01-11 | 纬创资通股份有限公司 | Abnormality prediction method, abnormality prediction system, and abnormality prediction device |
CN106778259A (en) * | 2016-12-28 | 2017-05-31 | 北京明朝万达科技股份有限公司 | A kind of abnormal behaviour based on big data machine learning finds method and system |
CN107204991A (en) * | 2017-07-06 | 2017-09-26 | 深信服科技股份有限公司 | A kind of server exception detection method and system |
CN107491970A (en) * | 2017-08-17 | 2017-12-19 | 北京三快在线科技有限公司 | Anti- cheating detection monitoring method and system and computing device in real time |
CN107707547A (en) * | 2017-09-29 | 2018-02-16 | 北京神州绿盟信息安全科技股份有限公司 | The detection method and equipment of a kind of ddos attack |
WO2018040944A1 (en) * | 2016-08-31 | 2018-03-08 | 阿里巴巴集团控股有限公司 | System, method, and device for identifying malicious address/malicious purchase order |
WO2018095192A1 (en) * | 2016-11-23 | 2018-05-31 | 腾讯科技(深圳)有限公司 | Method and system for website attack detection and prevention |
CN108540440A (en) * | 2018-02-02 | 2018-09-14 | 努比亚技术有限公司 | DDOS attack solution, server and computer readable storage medium |
CN108874813A (en) * | 2017-05-10 | 2018-11-23 | 腾讯科技(北京)有限公司 | A kind of information processing method, device and storage medium |
CN111476610A (en) * | 2020-04-16 | 2020-07-31 | 腾讯科技(深圳)有限公司 | Information detection method and device and computer readable storage medium |
CN112231700A (en) * | 2020-12-17 | 2021-01-15 | 腾讯科技(深圳)有限公司 | Behavior recognition method and apparatus, storage medium, and electronic device |
CN112488321A (en) * | 2020-12-07 | 2021-03-12 | 重庆邮电大学 | Antagonistic machine learning defense method oriented to generalized nonnegative matrix factorization algorithm |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102184406A (en) * | 2009-11-11 | 2011-09-14 | 索尼公司 | Information processing device, information processing method, and program |
CN102487293A (en) * | 2010-12-06 | 2012-06-06 | 中国人民解放军理工大学 | Satellite communication network abnormity detection method based on network control |
-
2013
- 2013-01-18 CN CN201310018798.8A patent/CN103095711B/en active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102184406A (en) * | 2009-11-11 | 2011-09-14 | 索尼公司 | Information processing device, information processing method, and program |
CN102487293A (en) * | 2010-12-06 | 2012-06-06 | 中国人民解放军理工大学 | Satellite communication network abnormity detection method based on network control |
Non-Patent Citations (2)
Title |
---|
肖喜 翟起滨 田新广 陈小娟 叶润国: "基于shell命令和多阶Markov链模型的用户伪装攻击检测", 《电子学报》 * |
赵国锋 喻守成 文晟: "基于用户行为分析的应用层DDoS攻击检测方法", 《计算机应用研究》 * |
Cited By (33)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103810241B (en) * | 2013-11-22 | 2017-04-05 | 北京奇虎科技有限公司 | Filter method and device that a kind of low frequency is clicked on |
CN103810241A (en) * | 2013-11-22 | 2014-05-21 | 北京奇虎科技有限公司 | Filtering method and device for low-frequency clicks |
CN104901971A (en) * | 2015-06-23 | 2015-09-09 | 北京东方棱镜科技有限公司 | Method and device for carrying out safety analysis on network behaviors |
CN104901971B (en) * | 2015-06-23 | 2019-03-15 | 北京东方棱镜科技有限公司 | The method and apparatus that safety analysis is carried out to network behavior |
CN106330852B (en) * | 2015-07-06 | 2019-06-25 | 纬创资通股份有限公司 | Abnormality prediction method, abnormality prediction system, and abnormality prediction device |
CN106330852A (en) * | 2015-07-06 | 2017-01-11 | 纬创资通股份有限公司 | Abnormality prediction method, abnormality prediction system, and abnormality prediction device |
CN105592070A (en) * | 2015-11-16 | 2016-05-18 | 中国银联股份有限公司 | Application level DDoS defense method and system |
CN105592070B (en) * | 2015-11-16 | 2018-10-23 | 中国银联股份有限公司 | Application layer DDoS defence methods and system |
CN105510971A (en) * | 2016-02-18 | 2016-04-20 | 福建师范大学 | Seismic data abnormality detection method based on random walk |
CN105812280A (en) * | 2016-05-05 | 2016-07-27 | 四川九洲电器集团有限责任公司 | Classification method and electronic equipment |
CN105812280B (en) * | 2016-05-05 | 2019-06-04 | 四川九洲电器集团有限责任公司 | A kind of classification method and electronic equipment |
CN106209861B (en) * | 2016-07-14 | 2019-07-12 | 南京邮电大学 | One kind being based on broad sense Jie Kade similarity factor Web application layer ddos attack detection method and device |
CN106209861A (en) * | 2016-07-14 | 2016-12-07 | 南京邮电大学 | A kind of based on broad sense Jie Kade similarity coefficient Web application layer ddos attack detection method and device |
CN107798571B (en) * | 2016-08-31 | 2019-08-30 | 阿里巴巴集团控股有限公司 | Malice address/malice order identifying system, method and device |
WO2018040944A1 (en) * | 2016-08-31 | 2018-03-08 | 阿里巴巴集团控股有限公司 | System, method, and device for identifying malicious address/malicious purchase order |
CN107798571A (en) * | 2016-08-31 | 2018-03-13 | 阿里巴巴集团控股有限公司 | Identifying system, the method and device of malice address/malice order |
US10715546B2 (en) | 2016-11-23 | 2020-07-14 | Tencent Technology (Shenzhen) Company Limited | Website attack detection and protection method and system |
WO2018095192A1 (en) * | 2016-11-23 | 2018-05-31 | 腾讯科技(深圳)有限公司 | Method and system for website attack detection and prevention |
CN106778259B (en) * | 2016-12-28 | 2020-01-10 | 北京明朝万达科技股份有限公司 | Abnormal behavior discovery method and system based on big data machine learning |
CN106778259A (en) * | 2016-12-28 | 2017-05-31 | 北京明朝万达科技股份有限公司 | A kind of abnormal behaviour based on big data machine learning finds method and system |
CN108874813A (en) * | 2017-05-10 | 2018-11-23 | 腾讯科技(北京)有限公司 | A kind of information processing method, device and storage medium |
CN108874813B (en) * | 2017-05-10 | 2022-07-29 | 腾讯科技(北京)有限公司 | Information processing method, device and storage medium |
CN107204991A (en) * | 2017-07-06 | 2017-09-26 | 深信服科技股份有限公司 | A kind of server exception detection method and system |
CN107491970B (en) * | 2017-08-17 | 2021-04-02 | 北京三快在线科技有限公司 | Real-time anti-cheating detection monitoring method and system and computing equipment |
CN107491970A (en) * | 2017-08-17 | 2017-12-19 | 北京三快在线科技有限公司 | Anti- cheating detection monitoring method and system and computing device in real time |
CN107707547A (en) * | 2017-09-29 | 2018-02-16 | 北京神州绿盟信息安全科技股份有限公司 | The detection method and equipment of a kind of ddos attack |
CN108540440A (en) * | 2018-02-02 | 2018-09-14 | 努比亚技术有限公司 | DDOS attack solution, server and computer readable storage medium |
CN111476610A (en) * | 2020-04-16 | 2020-07-31 | 腾讯科技(深圳)有限公司 | Information detection method and device and computer readable storage medium |
CN111476610B (en) * | 2020-04-16 | 2023-06-09 | 腾讯科技(深圳)有限公司 | Information detection method, device and computer readable storage medium |
CN112488321A (en) * | 2020-12-07 | 2021-03-12 | 重庆邮电大学 | Antagonistic machine learning defense method oriented to generalized nonnegative matrix factorization algorithm |
CN112488321B (en) * | 2020-12-07 | 2022-07-01 | 重庆邮电大学 | Antagonistic machine learning defense method oriented to generalized nonnegative matrix factorization algorithm |
CN112231700B (en) * | 2020-12-17 | 2021-05-11 | 腾讯科技(深圳)有限公司 | Behavior recognition method and apparatus, storage medium, and electronic device |
CN112231700A (en) * | 2020-12-17 | 2021-01-15 | 腾讯科技(深圳)有限公司 | Behavior recognition method and apparatus, storage medium, and electronic device |
Also Published As
Publication number | Publication date |
---|---|
CN103095711B (en) | 2016-10-26 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103095711A (en) | Application layer distributed denial of service (DDoS) attack detection method and defensive system aimed at website | |
Yavuz et al. | Deep learning for detection of routing attacks in the internet of things | |
Huang et al. | An efficient intrusion detection approach for visual sensor networks based on traffic pattern learning | |
Xing et al. | Survey on botnet detection techniques: Classification, methods, and evaluation | |
CN106209861B (en) | One kind being based on broad sense Jie Kade similarity factor Web application layer ddos attack detection method and device | |
CN109600363A (en) | A kind of internet-of-things terminal network portrait and abnormal network access behavioral value method | |
Lu et al. | BotCop: An online botnet traffic classifier | |
Kato et al. | An intelligent ddos attack detection system using packet analysis and support vector machine | |
CN105187437B (en) | A kind of centralized detecting system of SDN network Denial of Service attack | |
CN106685984A (en) | Network threat analysis system and method based on data pocket capture technology | |
Krishnaveni et al. | Ensemble approach for network threat detection and classification on cloud computing | |
Xu et al. | Detection on application layer DDoS using random walk model | |
Patil et al. | S-DDoS: Apache spark based real-time DDoS detection system | |
CN107248996A (en) | A kind of detection of DNS amplification attacks and filter method | |
Silveira et al. | Smart detection-IoT: A DDoS sensor system for Internet of Things | |
Beckett et al. | New sensing technique for detecting application layer DDoS attacks targeting back-end database resources | |
Chwalinski et al. | Detection of application layer DDoS attacks with clustering and Bayes factors | |
Lei et al. | Detecting malicious domains with behavioral modeling and graph embedding | |
Singh et al. | Impact analysis of application layer DDoS attacks on web services: a simulation study | |
Agrawal et al. | Estimating strength of a DDoS attack in real time using ANN based scheme | |
CN103501302A (en) | Method and system for automatically extracting worm features | |
Manandhar et al. | Towards practical anomaly-based intrusion detection by outlier mining on TCP packets | |
CN105404797A (en) | Dual-redundancy based active network flow digital watermarking method | |
Gupta et al. | Predicting number of zombies in a DDoS attack using ANN based scheme | |
CN109246157A (en) | A kind of HTTP requests at a slow speed the association detection method of dos attack |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right |
Effective date of registration: 20221104 Address after: 710061 Room 222, East of Floor 2, Office Building, Hanguang Community, No. 10, Hanguang South Section, Yanta District, Xi'an, Shaanxi Patentee after: Xi'an Longhe Linchuang Intellectual Property Agency Co.,Ltd. Address before: 400065 Chongqing Nan'an District huangjuezhen pass Chongwen Road No. 2 Patentee before: CHONGQING University OF POSTS AND TELECOMMUNICATIONS Effective date of registration: 20221104 Address after: Room 1111, Building 1, Wanting Building, Labor Community, Xixiang Street, Bao'an District, Shenzhen City, Guangdong Province, 518101 Patentee after: Shenzhen Occupy Information Technology Co.,Ltd. Address before: 710061 Room 222, East of Floor 2, Office Building, Hanguang Community, No. 10, Hanguang South Section, Yanta District, Xi'an, Shaanxi Patentee before: Xi'an Longhe Linchuang Intellectual Property Agency Co.,Ltd. |
|
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right |
Effective date of registration: 20240408 Address after: Room 05-5, 8th Floor, Hesheng Industrial and Commercial Building, No. 89 Fuxin Middle Road, Wangzhuang Street, Jin'an District, Fuzhou City, Fujian Province, 350000 Patentee after: Fuzhou Qilian Information Consulting Co.,Ltd. Country or region after: China Address before: Room 1111, Building 1, Wanting Building, Labor Community, Xixiang Street, Bao'an District, Shenzhen City, Guangdong Province, 518101 Patentee before: Shenzhen Occupy Information Technology Co.,Ltd. Country or region before: China |
|
TR01 | Transfer of patent right |