넷플로우를 이용한 비대칭 ISP 네트워크에서 분산 반사 서비스 거부 공격 탐지 방법
- 10693908 (2020.06.23)
16HH1900, 맞춤형 보안서비스 제공을 위한 클라우드 기반 지능형 보안 기술 개발,
- Disclosed herein are an apparatus and method for detecting a Distributed Reflection Denial of Service (DRDoS) attack. The DRDoS attack detection apparatus includes a network flow data reception unit for receiving network flow data from network equipment, a session type determination unit for determining a session type of the received network flow data, a host type determination unit for determining a type of host corresponding to the network flow data based on the session type, an attack method determination unit for determining an attack method corresponding to the network flow data, a protocol identification unit for identifying a protocol of the network flow data, and an attack detection unit for detecting a DRDoS attack based on the session type, the host type, the attack method, and the protocol.
- KSP 제안 키워드
- Attack Detection, DRDoS attack, Denial of service attack, Flow Data, Network flow, Protocol identification, denial of service(DoS), network equipment