发明名称 |
DISTRIBUTED DENIAL OF SERVICE ATTACK DETECTION APPARATUS AND METHOD, AND DISTRIBUTED DENIAL OF SERVICE ATTACK DETECTION AND PREVENTION APPARATUS FOR REDUCING FALSE-POSITIVE |
摘要 |
Provided is a DDoS attack detection apparatus including an information collecting unit to collect DDoS detection information including rate information about traffic change, variation of a first type flow and a Packet Per Second (PPS) for a second type flow, in which the rate information about traffic change is obtained using packet count of packets input per a unit time, flow count of flows input per the unit time and the byte count of bytes input per the unit time; and a testing unit to calculate a probability of occurrence of the DDoS attack by use of a first probability determined by the rate information about traffic change, a second probability determined by the variation of the first type flow and a third probability determined by the PPS for the second type flow and detect occurrence of the DDoS attack based on the probability of occurrence of the DDoS attack. |
申请公布号 |
US2012151593(A1) |
申请公布日期 |
2012.06.14 |
申请号 |
US201113323050 |
申请日期 |
2011.12.12 |
申请人 |
KANG KYOUNG-SOON;KIM HAK-SUH;JUNG BOO-GEUM;JEON KI-CHEOL;AHN BYUNG-JUN;ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE |
发明人 |
KANG KYOUNG-SOON;KIM HAK-SUH;JUNG BOO-GEUM;JEON KI-CHEOL;AHN BYUNG-JUN |
分类号 |
G06F21/00 |
主分类号 |
G06F21/00 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|