作　　者： ; ; ; (谢晓売）;

机构地区： 武汉大学计算机学院

出　　处： 《计算机应用研究》 2016年第9期2790-2794,共5页

摘　　要： 针对云计算环境中的Web服务应用层容易遭受攻击的问题,提出一种用来检测XML和HTTP层分布式拒绝服务(DDo S)攻击的防御系统,并嵌入到云环境中,实现对云中介和云服务提供商的保护。从属于特定简单对象访问协议(SOAP)正常操作中提取数据集的特征值,构建相应的高斯请求模型;对Web服务的网络服务描述语言(WSDL)中的一些属性进行设置,实现对攻击的初步过滤;对服务请求的HTTP头部和XML内容进行检查,并与模型数据比较,进一步实现攻击检测。实验结果表明,该系统能够有效地预防多种DDo S攻击,且消耗较少的响应时间。 For the issues that the Web service application layer is easy to be attacked in cloud computing environment, this paper proposed a kind of defense system used to detect XML and HTTP distributed denial of service (DDoS) attack, and embedded in the cloud environment to achieve the protection of cloud intermediary and cloud service providers. First, the system extracted the feature of data set which belonged to the particular SOAP normal operation and built the corresponding Gaussian request model. Then, it set some properties in the network service description language (WSDL) of Web services to achieve the initial filtering of the attack. Finally, it checked the HTTP headers and XML body data, and compared with model data to detect the attacks. Experimental results show that the system can effectively prevent many DDoS attacks, and consume less response time.

关 键 词： 云计算 服务 分布式拒绝服务 攻击检测

领　　域： [自动化与计算机技术] [自动化与计算机技术]