摘要
根据推测路径需要的数据包数量、推测复杂性和误报率等参数,对不同的随机包标记(PPM)算法进行了评价.通过扩充ns2、确定攻击拓扑和攻击流量建立一个模拟测试环境,实际模拟并对比分析了各种PPM算法,可测试大规模DDoS攻击下各种PPM算法反向追踪的执行效果.根据模拟过程和结果,提出PPM的改进方向,从而有效提高了反向追踪的实时性.
The most promising probabilistic packet marking (PPM) schemes were evaluated based on the basis of the received packet number required for reconstructing the attacking path, computation complexity and false positive etc. We construct a simulation environment via extending ns2, setting attacking topology and traffic, which can be used to evaluate and compare the effectiveness of different PPM schemes. The simulation approach can also be used to test the performing effects of different PPM schemes in large-scale DDoS attacks. Based on the evaluation and simulation results, several improvable aspects of PPM are proposed, which can increase real-time of IP traceback efficiently.
出处
《吉林大学学报(理学版)》
CAS
CSCD
北大核心
2005年第6期757-762,共6页
Journal of Jilin University:Science Edition
基金
国家自然科学基金(批准号:90204014)