分布式拒绝服务攻击是因特网安全的头号威胁。针对DDoS 攻击，本文介绍了一种基于MPC860 和FPGA 的实时检测防御系统的体系结构与实现原理，探讨了基于非参数累积和（CUSUM）算法检测新IP 地址到达速率变化的DDoS攻击检测方法。实验结果表明该系统不仅实时检测准确性高、在线检测速度快、防御效果好，而且不损失网络信息吞吐量，保证了合法用户的正常访问。关键词：DDoS 攻击；FPGA ；CUSUM 算法；实时检测；门限Abstract: Distributed denial-of-service(DDoS) attacks present an immense threat to the Internet.The paper concentrates on the architecture and principles of the system of real-time detecting and defending against DDoS attack，which is based on MPC860 and FPGA.We propose a scheme to detect the DDoS attacks by monitoring the increase of new IP addresses.We use the non-parametric CUSUM algorithm to detect the change of therate of the new IP addresses arriving. Experiment results show that our scheme is characterized by high detection accuracy ,short detection time and good defence effect. Finally ,the mechanism guarantees the usual network throughput efficiently and reliably ,and provides good service to the legitimate traffics during the attack.Keywords: DDoS attack; FPGA; CUSUM algorithm;Real-time Detection; Threshold