Detecting and Disposing DDoS Flow Based on Aggregate Algorithm

A new embedded algorithm for defeating DDoS(distributed denial of service) is proposed,which can be applied in a router.According to nature of DDoS flow,this algorithm divides IP flow into TCP(transfer control protocol),UDP(user datagram protocol) and ICMP(internet control message protocol) flow through light-weight protocol analysis of IP data flow,sets up responding flow aggregate model,detects DDoS attack according to the model,separates the resource of DDoS aggregate,and adopts control measures to filter attack flow and assure the normal transmission of legitimate data flow.The simulation results show that the algorithm is effective in checking the DDoS attach.