%0 Journal Article
%T DDoS attack detection based on global network properties of network traffic anomaly<br>基于网络全局流量异常特征的DDoS攻击检测
%A LUO Hua
%A HU Guang-min
%A YAO Xing-miao
%A <br>罗华
%A 胡光岷
%A 姚兴苗
%J 计算机应用
%D 2007
%I 
%X Due to the invisibility and distributivity characteristics of Distributed Denial of Service (DDoS) attack, a new DDoS detection method based on global network was presented in this paper. Our method detects DDoS by analyzing OD traffic matrix, whereas the traditional methods detect it on single link or victim network. This method was carried out as follows: First, we need to get network traffic matrix in order to obtain the correlation character of attack traffic among multiple links. Then, traffic matrix was divided into normal space and abnormal space by K-L transformation. Finally, the correlation of abnormal space was achieved to detect DDoS attack. The simulation result shows that this proposed method is more accurate and faster than traditional methods. It is in favor of earlier detection of DDoS attack.
%K Distributed Denial of Service (DDoS) attack
%K global network traffic anomaly
%K Traffic Matrix(TM)<br>分布式拒绝服务攻击
%K 全局流量异常
%K 流量矩阵
%K 网络
%K 流量矩阵
%K 异常特征
%K DDoS
%K 攻击检测
%K anomaly
%K network
%K traffic
%K properties
%K global
%K based
%K detection
%K 防御
%K 早期检测
%K 快速
%K 仿真结果
%K 相关特征
%K 异常空间
%K 分析
%K 量空间
%K 矩阵分解
%U http://www.alljournals.cn/get_abstract_url.aspx?pcid=5B3AB970F71A803DEACDC0559115BFCF0A068CD97DD29835&cid=8240383F08CE46C8B05036380D75B607&jid=831E194C147C78FAAFCC50BC7ADD1732&aid=14E16CBD27430512E4A5B4466090D138&yid=A732AF04DDA03BB3&vid=DB817633AA4F79B9&iid=0B39A22176CE99FB&sid=AA5FB09E1F81059E&eid=E3094127AA4ABC1A&journal_id=1001-9081&journal_name=计算机应用&referenced_num=2&reference_num=13