The present invention is a packet metric parameter (packet metric parameter) a point in Internet backbone connections to determine, or by sampling the packets at various points distributed denial of service in the Internet (distributed denial of service, DDoS) system for detecting an attack It provides. Packet metric parameters, which may include the amount of packets received is analyzed over selected time intervals for the given geographical location are located in the host that sent the packet. The expected behavior to identify traffic distortions showing a DDoS attack may be used. In the complementary aspect, the invention provides a way to authenticate the packet in the router in order to improve the QoS of the authenticated packet. This method can be used to block the packet (block) or filtering (filter), it can be used in conjunction with DDoS attack detection system in a distributed manner in order to protect against DDoS attacks within the Internet.
展开▼
