|
|
计算机应用研究 2013
Detecting App-DDoS attacks based on flow analysis
|
Abstract:
Aiming at the shortcomings of current methods which highly depend on system logs and fail to detect attacks against FTP or DNS servers, this paper proposed a novel model named DFM-FA that based on Kalman filtering and information entropy. The DFM-FA model mapped behaviour anomaly detection to network anomaly detection, maximizing the priority of legitimate users' access. This model can also detect attacks against FTP or DNS or other servers with no need for system logs.
