| Along with the study of embedded technology gradually going in-depth and ever-close integration of Internet technologies with information appliance and industrial control technologies, the embedded system with Internet as its symbol steps into its rapid development stage. Embedded Network Video Server based on the network is a new digital image monitoring system, which relies on the technologies of digital image processing, embedded computer system, data transmission network, automatic control and artificial intelligence. This system succeeds to meet the current needs of video surveillance systems for remote, real-time and centralization. However, along with the development of network technology, viruses, worms, hacking, denial of service attacks and other security issues have caused enormous damages. So it is inevitable to consider the risks brought to system itself as well as information storage, processing and transmission in networks. Therefore, ensuring the safety of remote video surveillance systems is greatly needed.In this thesis, we design an embedded image server system which is light-weighted and supports multi-point access. The architecture of this monitoring system is also given in details, which includes video capture module, distributed module and system management module. Remote-Eyes system works in the operating system of Linux with Xscale architecture, which supports user management, real-time video capture, video forwarding, screenshots and sending images in a variety of ways. This embedded image server can satisfy the daily needs of people and be put into practice because of its simple design, low cost, reliability, flexible integration and strong expansion.The development and improvement of network security technologies makes the means of attack gradually from the low layers to the higher. DDoS attacks targeted on the application layer using the complexity of high level protocols and services are more efficient and invisible, which makes serious consequences to the services based on Web. Besides that, unexpected changes of data flow in the network gives higher chance to perform attacks. Traditional analysis of packet characteristics, flow characteristics or transition rate cannot detect and prevent such application-level DDoS attacks effectively. This thesis analyzes the features and mechanism of the application layer DDoS attacks and presents a method of combining data mining technologies with intrusion detection technologies to identify and prevent the attack. According to the differences between normal users'browsing patterns and abnormal ones, at the very beginning, user sessions are extracted from the web logs of normal users. Similarities between different sessions are calculated. An improved ant clustering algorithm is employed to generate an adaptive detecting model. And then, this model computed whether the undetermined sessions are DDoS attacks or not. The experimental results show that this method can detect attacks effectively and has a good performance in adaptability. |
PDF Full Text Request