分布式拒绝服务攻击(DDoS)对网络具有极大的破坏性,严重影响现网的正常运营。虽然现网已经部署针对DDoS的流量清洗系统,然而小流量的攻击较洪水型攻击更难以被感知,进而不能得到有效的清洗。本文分析了网络中小流量DDoS攻击的原理和防御现状,并提出一种基于资源感知的小流量DDoS攻击防御方法。%Distributed denial of service seriously damaged the network, has extremely negative effect on network operation and maintenance. Although anti-DDoS systems have been deployed at present, some relatively low-rate DDoS attacks are still dififcult to detect and therefore, this kind of DDoS stream can not be effectively cleaned. The current situation of DDoS attack and defense mechanism has been analyzed, furthermore, a defense mechanism against low-rate DDoS based on resource availability has been proposed in this paper.
展开▼