摘要
分布式拒绝服务(DDoS)攻击是目前最难处理的网络难题之一,而在其基础上发展起来的分布式反弹拒绝服务(DRDoS)攻击利用反弹服务器进行的攻击会对网络系统造成更大的危害。由Duwairi等人提出的概率流水线包标记方案有效地解决了重构攻击路径的问题,但它并不适用于DRDoS攻击。在此基础上提出了一种新策略,经实验验证受害者用较少的数据包即可实现DRDoS中攻击路径的重构。
Distributed Denial of Service(DDoS) attack is among the hardest network problems. Distributed Reflection Denial of Service(DRDoS) attack develops from DDoS attack and it makes use of reflector to harm the network system more severely. One promising solution to reconstruct attack paths, Probabilistic Pipelined Packet Marking( PPPM), has proposed first by Duwairi, however it cannot work against reflector attack. In this paper, a new scheme extended PPPM is giving, which reduce the number of packets needed for a victim to reconstruct the attack paths.
出处
《计算机应用研究》
CSCD
北大核心
2006年第9期122-123,126,共3页
Application Research of Computers
关键词
分布式反弹拒绝服务
反弹服务器
概率流水线包标记
Distributed Reflection Denial of Serince (DRDoS)
Reflector
Probabilistic Pipelined Packet Marking(PPPM)
