一种基于决策的DDoS攻击的阻断系统的设计与实现

distributed denial-of-service (DDoS) attack is one in which a multitude of compromised systems attack a single target, thereby causing denial of service for users of the targeted system. The flood of incoming messages to the target system essentially forces it to shut down, thereby denying service to the system to legitimate users. DDoS attack is easy to be launched and has enormous damage to the victims which makes the DDoS attack become the main threat of the INTERNET. There isn't a feasibIe approach to deaI with DDoS attack within the entire INTERNET up to now. In this paper, we designed and implemented a blocking system to defend the DDoS attack . The system, which consists of Intrusion Detection System(IDS), IP Traceback and distributed filtering system. We deploy the system into a testing network, simulate the attack environment and verify the overall defense capability of the implemented system.(10 Points, Times New Roman)