摘要
拒绝服务(Denial of Service,DoS)攻击是阻止或者拒绝合法用户使用网络服务的一种攻击方式。首先介绍DoS攻击的基本原理,然后讨论现有DoS攻击防御方法,最后研究蜜罐技术在防御分布式拒绝服务(Distributed Dos,DDoS)攻击中的应用,并对其性能进行了仿真分析,结果表明:提出的蜜罐方案,能明显降低攻击者通过入侵足够数量的主机发起高强度DDoS攻击的概率,并能够有效地降低服务器主机所受到的攻击强度。
DoS is an attack blocking or rejecting legitimate users from using network services. In this paper, the principle of DoS attack is introduced firstly. Then, the existing methods of DoS attack prevention are discussed. Finally the application of the honeypot technique to DDoS attack prevention is studied with its performance analyzed through emulation. The results have shown that the proposed honeypot technique can greatly reduce the possibility of high itensity DDoS attack by use of invasion on a number of hosts and can effectively reduce the attack intensity suffered by servers.
出处
《南京邮电大学学报(自然科学版)》
2007年第2期40-43,50,共5页
Journal of Nanjing University of Posts and Telecommunications:Natural Science Edition
基金
国家高技术研究发展计划(863计划)(2004AA775053)和(2005AA775050)
江苏省高技术研究计划(BG2005037)资助项目
关键词
拒绝服务攻击
蜜罐
主控端
代理端
受控主机
Denial of Service (DoS) attack
honeypot
handler
agent
compromised slave
