计算机应用研究 2012
DDoS detection method based on network-wide PCA
Abstract:
As network scale grows, centralized DDoS detection can no longer meet requirements such as real-time operation and accuracy. This paper presents a distributed method based on WPCAD for detecting increasingly serious DDoS attacks. DDoS attack flows that are generated by certain tools and originate from different nodes cause correlation in the abnormal traffic. Taking advantage of this feature, the method first derives ODin matrices from the original OD matrices; each processing unit then extracts the correlation between potentially anomalous traffic by principal component analysis (PCA). With its distributed structure, the method consumes less network bandwidth and meets the real-time requirement. The experimental results show that this method has a better detection effect.
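
The correlation idea in the abstract, as an added example that is not the paper's WPCAD algorithm and does not reproduce its ODin construction: a processing unit runs PCA on the per-origin traffic toward one destination and flags a window when the first principal component carries most of the variance. The function names, the 0.5 threshold and the sample traffic are assumptions constructed for illustration.

```python
import math
import random

def correlation_matrix(window):
    """window: rows = time bins, columns = bytes from each origin node to one destination."""
    n, k = len(window), len(window[0])
    z = []
    for j in range(k):
        col = [row[j] for row in window]
        mean = sum(col) / n
        sd = math.sqrt(sum((v - mean) ** 2 for v in col) / n)
        # A constant (e.g. idle) flow has no variance; zero it out instead of dividing by 0.
        z.append([(v - mean) / sd if sd else 0.0 for v in col])
    return [[sum(a * b for a, b in zip(z[i], z[j])) / n for j in range(k)] for i in range(k)]

def top_component_share(corr, iters=300):
    """Share of total variance captured by the first principal component."""
    k = len(corr)
    trace = sum(corr[i][i] for i in range(k))
    if trace == 0:
        return 0.0
    v = [1.0 / math.sqrt(k)] * k
    for _ in range(iters):  # power iteration towards the leading eigenvector
        w = [sum(corr[i][j] * v[j] for j in range(k)) for i in range(k)]
        norm = math.sqrt(sum(x * x for x in w))
        if norm == 0:
            return 0.0
        v = [x / norm for x in w]
    lam = sum(v[i] * corr[i][j] * v[j] for i in range(k) for j in range(k))
    return lam / trace

def is_correlated_anomaly(window, threshold=0.5):  # threshold is an assumed value
    return top_component_share(correlation_matrix(window)) > threshold

def constructed_window(attack, bins=60, nodes=6, seed=7):
    """Constructed sample: independent background noise, plus a shared on/off
    pulse on four origin nodes when attack=True (traffic from one tool)."""
    rng = random.Random(seed)
    window = []
    for t in range(bins):
        pulse = 400.0 if attack and t % 10 < 5 else 0.0
        window.append([1000.0 + rng.gauss(0, 50) + (pulse if j < 4 else 0.0)
                       for j in range(nodes)])
    return window
```

Independent background flows spread variance across all components, while flows driven by one tool from several origins collapse onto a single component, which is what the threshold tests.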