By analyzing the principles and characteristics of application-layer distributed denial of service (DDoS) attacks and comparing the similarities between network security and the biological immune system, a method for detecting application-layer DDoS attacks using the dendritic cells algorithm (DCA) is proposed. Based on how application-layer DDoS attack requests against a web server are generated, features such as the packets from the same source IP over a period of time are analyzed, and whether an attack exists is determined from the differences between normal and attack behavior in those features. Experimental results show that the method can effectively detect application-layer DDoS attacks and has a relatively high detection rate.