摘要： 给出一种运用SOA理念构建的DDoS防御框架，实现在攻击源端阻挡入侵流量。通过引入SOA和覆盖网络，使得框架和外界保持松耦合，并实现其通用性的底层架构，在此基础上基于加解密方法构建可保障架构安全的凭证体系。实验表明，该框架可有效保护正常客户机和服务网络不受恶意攻击者损害。

关键词: 面向服务的架构, 分布式拒绝服务, 防御

Abstract: This paper proposes a Service Oriented Architecture(SOA) based DDoS defense framework to filter the anomaly flow in the source of the attack. By introducing SOA and overlay network, the framework remains loosely coupled with outside world and the bottom part of the framework is combined with encryption and decryption to construct a secure certification system. Experiments show that the framework can effectively protect normal client and service networks from malicious damage.

Key words: Service Oriented Architecture(SOA), DDoS, defense

中图分类号: 

• TP393