Invention Grant
- Patent Title: Distributed denial of service attack detection apparatus and method, and distributed denial of service attack detection and prevention apparatus for reducing false-positive
- Patent Title (中): 分布式拒绝服务攻击检测装置和方法,以及减少假阳性的分布式拒绝服务攻击检测和预防装置
-
Application No.: US13323050Application Date: 2011-12-12
-
Publication No.: US08677488B2Publication Date: 2014-03-18
- Inventor: Kyoung-Soon Kang , Hak-Suh Kim , Boo-Geum Jung , Ki-Cheol Jeon , Byung-Jun Ahn
- Applicant: Kyoung-Soon Kang , Hak-Suh Kim , Boo-Geum Jung , Ki-Cheol Jeon , Byung-Jun Ahn
- Applicant Address: KR Daejeon
- Assignee: Electronics and Telecommunications Research Institute
- Current Assignee: Electronics and Telecommunications Research Institute
- Current Assignee Address: KR Daejeon
- Agency: Staas & Halsey LLP
- Priority: KR10-2010-0127006 20101213
- Main IPC: H04L29/06
- IPC: H04L29/06
Abstract:
Provided is a DDoS attack detection apparatus including an information collecting unit to collect DDoS detection information including rate information about traffic change, variation of a first type flow and a Packet Per Second (PPS) for a second type flow, in which the rate information about traffic change is obtained using packet count of packets input per a unit time, flow count of flows input per the unit time and the byte count of bytes input per the unit time; and a testing unit to calculate a probability of occurrence of the DDoS attack by use of a first probability determined by the rate information about traffic change, a second probability determined by the variation of the first type flow and a third probability determined by the PPS for the second type flow and detect occurrence of the DDoS attack based on the probability of occurrence of the DDoS attack.
Public/Granted literature
Information query
