-
公开(公告)号:KR101370244B1
公开(公告)日:2014-03-06
申请号:KR1020120114607
申请日:2012-10-16
Applicant: 한국과학기술원
CPC classification number: H04L63/1458 , H04L2463/142
Abstract: The present invention relates to a method for detecting and blocking distributed denial of service (DDos) evolved from an application layer DDoS attack and a device for the same. The method for detecting and blocking the application layer DDoS attack comprises the steps of: transmitting a link address of a web page to a client after modification and obfuscation; determining reliability by comparing a link address that the client accesses and the link address transmitted to the client; setting a reference value as a reference for blocking access to the web page, and deciding whether to block access to the web page of the client by comparing the reliability and the reference value. [Reference numerals] (110) Whether a server is overloaded?; (111) Change a link address of a web page transmitted based on each client information; (112) Obfuscate the changed link address; (113) Waiting for connection after transmitting the changed link address to a client; (120) Client access link address is the changed link address?; (121) Negative points on client's reliability; (122) Plus points on the client's reliability; (130) Reliability
Abstract translation: 本发明涉及一种用于检测和阻止从应用层DDoS攻击演变而来的分布式拒绝服务(DDos)及其设备的方法。 用于检测和阻止应用层DDoS攻击的方法包括以下步骤:在修改和混淆之后向客户端发送网页的链接地址; 通过比较客户端访问的链路地址和发送给客户端的链路地址来确定可靠性; 将参考值设置为阻止对网页的访问的参考,并且通过比较可靠性和参考值来决定是否阻止对客户端的网页的访问。 (附图标记)(110)服务器是否过载? (111)根据每个客户端信息更改发送的网页的链接地址; (112)模糊变更的链接地址; (113)在将更改的链路地址发送给客户端之后等待连接; (120)客户端访问链接地址是更改后的链接地址? (121)客户可靠性的负面点; (122)加点客户的可靠性; (130)可靠性<参考值 (131)阻止相应的客户端; (AA)开始
Search Results
1
records
(took 0.014 seconds)
