ABSTRACT
Under the influence of the global epidemic, various businesses have moved online one after another. With the rise of emerging industries such as online medical treatment, online education, and online conference, the proportion of attacks in the network service industry has increased year by year. UDP-FLOOD is still the primary scenario of DDoS attacks. Among them, with a large number of attack resources and most of them are high configuration servers, NTP (Network Time Protocol) reflection has become the most common UDP reflection attack method, accounting for 59% of the overall distribution. Therefore, establishing an efficient NTP attack detection system is a very important content to prevent network malicious attacks. At present, NTP-attacking based defensed methods mainly include IP filtering, hop mapping, and response packet detection, but they all have obvious weaknesses. Among them, the IP detection scheme can only detect historical attack IP, the implementation of hop mapping scheme is complex, and the resource overhead of response packet detection scheme is too large. Therefore, this paper proposes a nonlinear detection algorithm based on AHP multidimensional matrix quad information entropy. Through simulation experiments, the change of quad information entropy of attack intensity from 10% to 100% is counted. The detection rate based on the traditional target IP and target port algorithm is only 50% and 60%, which is significantly lower than this algorithm. Experiments show that the detection rate of this algorithm is higher.