首页>
外国专利>
METHOD FOR DEFENDING A DDOS ATTACK THROUGH ABNORMAL SESSION CONNECTION TERMINATION AND A DEVICE THEREOF CAPABLE OF DETECTING A HTTP GET FLOODING ATTACK OF AN APPLICATION LAYER
METHOD FOR DEFENDING A DDOS ATTACK THROUGH ABNORMAL SESSION CONNECTION TERMINATION AND A DEVICE THEREOF CAPABLE OF DETECTING A HTTP GET FLOODING ATTACK OF AN APPLICATION LAYER
PURPOSE: A method for defending a DDoS(Distributed Denial-of-Service) attack through abnormal session connection termination and a device thereof are provided to conspicuously reduce operation for detection and a wrong detection ratio of the DDoS attack.;CONSTITUTION: A session tracking unit(110) parses collected packets. The session tracking unit extracts header information. The session tracking unit tracks the abnormal session connection termination of a type predefined based on the extracted header information. The session tracking unit measures the number of abnormal session connection terminations. An attack detecting unit(150) determines a DDoS attack by comparing the measured number of the abnormal session connection terminations with a preset threshold value.;COPYRIGHT KIPO 2013;[Reference numerals] (110) Session tracking unit; (111) Packet parsing module; (130) Storage unit; (131) Session table; (133) Flow table; (150) Attack detecting unit; (170) Attack handling unit; (AA) Alarm; (BB) Input:packet
展开▼
