摘要
针对危害性极大的SYNFlooding攻击,提出了一种新的基于自适应阀值的防御系统。该系统监控出/入终端网络TCP业务的平衡性,实时自适应调整攻击检测阀值和限速门限,提高了检测的准确性和在线检测速度,有效地滤除攻击流,同时向合法业务提供良好的服务。
This paper proposes a novel defense scheme against SYN Flooding attacks.The sheme is based on the adaptive threshold and deployed at source-end networks. The core mechanism of the system is based on the balance between a stub network's outgoing and incoming TCP traffic, and real-time tunes detection threshold and rate-limited one.It can improve the detection accuracy and the rate of the on-line detection .Finally,it can offer good services to legitimate traffic even during an attack, while effectively reducing attack traffics to a negligible level.
出处
《微电子学与计算机》
CSCD
北大核心
2005年第5期69-72,共4页
Microelectronics & Computer
基金
部委预研基金项目资助
