UDP FLOOD attack cleaning method and system

The invention discloses a UDP FLOOD attack cleaning method and system. Novel reflective attack traffic can be accurately discovered and filtered by statistics of the port message frequency of a preset specific port, and the conventional UDP attack traffic can be accurately identified by statistics of the real check code frequency of the load content and taking features of the previous 16 bytes of the load content. Fragment traffic generated by the UDP attack can be further filtered on the basis of accurately identifying new and old UDP traffic. Compared with the conventional traffic limiting mode, the performance loss caused by statistics of a large number of message features can be eliminated, even tens of Gbps of traffic can still be easily handled and thus the eliminating effect can be greatly enhanced. The UDP FLOOD attack cleaning method and system can be widely applied to UDP attack defense. 本发明公开了种UDP FLOOD攻击的清洗方法及系统通过统计预设的特定端口的端口报文频率，能够准确发现并过滤新型反射型攻击流量，并通过统计负载内容的真实校验码频率和取特征于负载内容的前16字节，能够准确识别传统的UDP攻击流量