期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

分布式拒绝服务攻击建模与形式化描述 被引量:4

Modeling and formally describing distributed denial of service attack
下载PDF
导出
摘要 分布式拒绝服务(DDoS)攻击严重威胁网络的安全性。需要有合适的模型来刻画DDoS攻击的行为特征,指导DDoS攻击的分析、检测和防御。使用攻击树对分布式拒绝攻击进行建模,并引入Object_Z语言对具体攻击模式进行了面向对象的形式化描述。分布式拒绝服务攻击的攻击树模型可以刻画出分布式拒绝服务攻击的本质特征,对其具体子类的形式化描述又可以降低构造攻击模型的复杂度,从而易于使用,分析和维护。 Distributed denial of service attacks brings seriously threat to network security. Appropriate model is needed to depict the behavior of the DDoS attack and guide the analysis, detection and defense of the DDoS attack. Attack tree is adopted to model the distributed denial of service attack. Then, object-Z language, a formal depict attack language, is used to depict the sub-term of the attack tree model in detail. The attack tree model can characterize the DDoS essentially. The formal description of the sub-term reduce the complexity in constructing the attack model, so the model can be easily used, analyzed and maintained.
作者 张基温 叶茜
机构地区 江南大学信息工程学院
出处 《计算机工程与设计》 CSCD 北大核心 2006年第21期4125-4127,4138,共4页 Computer Engineering and Design
关键词 网络安全 分布式拒绝攻击 攻击建模 攻击树 Object_Z语言 network security distributed denial of service attack modeling attack tree object-z language
分类号 TP393 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献8

  • 1Schneier B.Attack trees:Modeling security threats[J].Dr Dobb's Journal,1999,12:21-29.
  • 2Rocky K C Chang.Defending against flooding-based distributed denial-of-service attacks:A tutorial[J].IEEE Communications Magazine,2002,10:42-51.
  • 3Douligeris C,Mitrokotsa A.DDoS attacks and defense mechanisms:Classification and state-of-the-art[J].Computer Networks:The International Journal of Computer and Telecommunications Networking,2004,44(5):643-666.
  • 4Tidwell T,Larson R.Modeling internet attacks[C].USA:Proc of-IEEE Workshop on Information Assurance and Security,2001.
  • 5王晓程,刘恩德,谢小权.攻击分类研究与分布式网络入侵检测系统[J].计算机研究与发展,2001,38(6):727-734. 被引量:75
  • 6Duke R,Rose G,Object-Z:A specification language advocated for the description of standards[J].Computer Standards and Interfaces,1995,17:511-533.
  • 7杨余旺,杨静宇,孙亚民.分布式拒绝服务攻击的实现机理及其防御研究[J].计算机工程与设计,2004,25(5):657-660. 被引量:15
  • 8吕铭,胡恒一,夏春和.一种基于网络对称性的DDOS主动防御算法DSDA[J].计算机工程与设计,2005,26(3):639-643. 被引量:5

二级参考文献20

  • 1Tripwire. Tripwire for servers [R/OL]. http:∥www. tripwire.com/products/servers/.
  • 2David Moore, Ram Periakaruppan, Jim Dono-hoe, et al.Where in the world is net-geo.caida.org? [C]. INET 2000Proceedings, 2000.
  • 3CERT Coordination Center. Trends in denial of service attacktechnology[R/OL]. 2001.
  • 4Jelena Mirkovic, Janice Martin, Peter Reiher. A taxonomy of DDoS attacks and DDoS defense mechanisms[R]. Computer Science Department University of California, Los Angeles Technical Report #020018,2001.
  • 5王国伟. 网络安全分布式 DDOS 攻击 [N/OL]. http:∥it.rising.com.cn/.
  • 6Howard J D, Longstaff T A. A common language for computer security incidents [R/OL]. Sandia Report: SAND 98-8667, Sandia National Laboratories, http:∥www. cert.org/research/taxonomy_988667.pdf.
  • 7Axelsson S. Intrusion detection systems: A survey and taxonomy [R/OL]. Technical Report 99-15, Department of Computer Engineering, Chalmers University, 2000.
  • 8Debar H, Dacier M, Wespi A. Towards a taxonomy of intrusion-detection systems[J]. Computer Networks, 1999,31(8):805-822.
  • 9Hafner K, Markoff J. Cyberpunk: Outlaws and hackers on the computer frontier[M]. Simon & Schuster, 1991.21-140.
  • 10Bellovin S, LeechM, TaylorT. ICMPtracebackmessages[R/OL]. 2001. Internet draft, Work in progress. http:∥search.ietf. org/internet-drafts/draft-ietf-itrace-01.txt.

共引文献90

同被引文献30

引证文献4

二级引证文献5

计算机工程与设计
2006年 第21期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部