中文摘要：

分布式拒绝服务（DDoS）攻击是一种极其常见的网络攻击方式，网络高流量的DDoS往往通过制造大量无用数据，造成网络拥塞，最终达到耗尽资源、中断正常服务的目的。目前针对网络高流量的DDoS攻击还没有较好的防御办法。文章基于前期研究及文献调研，对国内外网络高流量DDoS防御机制的研究进展进行了归纳总结，重点对其防御原理、检测防御和抵抗防御方法进行了总结；对当前高流量DDoS攻击检测防御和抵抗防御机制进行了展望，以期有助于构建全面有效的网络高流量DDoS防御系统。

英文摘要：

Distributed Denial of Service(DDoS)attack is one of the extremely familiar networkattack methods.In the condition of high flow capacity,DDoS causes network congestion by meansof manufacturing useless data,finally leading to resource exhausting and normal service interrupt.No effective defense for now is against the high flow capacity DDoS.Based on preliminary studyand literature researches,this thesis summarizes and analyses the domestic and international researchprogress of network high fl ow DDoS defense mechanisms,emphasis on attacks detection and defenseprinciple and attack test,makes a summary of features and disadvantages of different detection anddefense mechanisms,in order to establish the comprehensive and effective network high fl ow DDoSdefense mechanisms.