Traffic flooding attack detection and in-depth analysis devices and method using data mining

Disclosed are an apparatus and a method for detection and in-depth analysis of traffic flooding attacks using data mining which are capable of quickly detecting distributed denial of service (DDoS) attacks developed from denial of service (DoS) attacks more diversely and robustly, classifying the DDoS attacks by attack types, and analyzing the meaning of the DDoS attacks. According to one embodiment of the present invention, the apparatus and the method for detection and in-depth analysis of traffic flooding attacks using data mining quickly detects traffic flooding attacks, classifies the traffic flooding attacks by attack types, and analyzes the meaning of the traffic flooding attacks on the basis of the prediction and analysis techniques of data mining, thereby providing services and operating systems more stably.