| dc.description.abstract | With the rise of internet, network security has also become important. Various incidents of intrusion emerges which make great changes in the traditional market of information security. Continuous innovating internet intrusion techniques, changeful viruses, and worm attacks, it spreads through global internet and e-mails. Attack tools travel fast and has been misapplies; which makes a great contradiction when we observe how the general users ignore network security. Such situation is becoming worse, thus, it has received great concerns from both the cooperation and the government. And among them, the attack of Distributed Denial of Service, DDoS, causes more threats and damages to the internet than that of others. At the same time, many dissertations have proposed every kind of defending mechanism to confront DDoS attacks. However, the more attacks there are, the more complicated the attack modules; therefore, the difficulties of defending these internet attacks increases.
This paper proposes a hierarchical cooperative defending system against DDoS attacks, uniting its subsidiary systems WallGuard, WallAgent, and domain dispatcher to defend DDoS attacks. WallGuard is in charge of defense cooperatively in DDoS attack and it implements traffic statistics and controls the devices of router to filter the attacks. WallGuard can announce to the WallAgent in the subnet through the governed domain dispatcher to cooperatively defense the attacks of DDoS by using the concept of the division of area. It is also proposed to analyze the logs of system to prevent the DDoS attacks | en_US |