期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

一种可认证DDoS攻击源追踪方案研究 被引量:2

Research on authentication scheme for DDoS attack source traceback
下载PDF
导出
摘要 提出了一种通用的基于概率包标记大规模DDoS攻击源跟踪方法。相比其他方法,该方法通过引入包标记中继算法既适用于直接类型的DDoS攻击路径恢复,也适用于反射类型的DDoS攻击路径恢复。此外,通过巧妙运用方程组惟一解判定原理对路由IP实施编码,运用基于一次性密钥的HMAC方法对攻击路径的每条边进行编码和验证,不需要ISP路由拓扑,便能够在被攻击点相应的解码并高效可靠地恢复出真实的攻击路径。分析表明,该方法能与IPv4协议较好地兼容,具有较好的抗干扰性。 This paper presented a common marking scheme for large scale DDoS attack source traceback based on PPM. Compared to other schemes, this scheme could be applied to direct and reflected DDoS attack source traceback by using reflection relay algorithm. Furthermore, this scheme encoded the router' s IP using techniques from algebraic coding theory, encoded and authenticated the edge information with HMAC method whose secret key was updated periodically , and could decode the information and reconstruct the attack paths effectively, even without the ISP's router map. Through an analysis, this scheme is robust and compatible with IPv4 protocol.
作者 张健 陈松乔
机构地区 中南大学信息科学与工程学院计算机应用技术系
出处 《计算机应用研究》 CSCD 北大核心 2007年第10期131-134,共4页 Application Research of Computers
基金 国家自然科学基金资助项目(90304010 90104028)
关键词 分布式拒绝服务 攻击源追踪 概率包标记 收敛性 消息散列鉴别码 DDoS IP traceback PPM astringency HMAC ( keyed-hashingfor message authentication)
分类号 TP393.08 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献14

  • 1STONE R.Centertrack:An IP overlay network for tracking DoS floods[C]//Proc of the 9th USENIX Sec Symp.San Francisco,US:USENIX Association Press,2000:199-212.
  • 2BURCH H,CHESWICK B.Tracing anonymous packets to their approximate source[C]//Proc of the 14th Conf Systems Administration.Berkeley,CA:USENIX Assocition Press,2000:313-322.
  • 3SAGER G.Security Fun with OCxmon and cflowd[K].[S.l.]:Internet-2 Working Group,1998.
  • 4BELLOVIN S,LEECH M,TAYLOR T.ICMP traceback messages[R].[S.l.]:IETF,2001.
  • 5SAVAGE S,WETHERALL D,KARLIN A,et al.Practical network support for IP traceback[C]//Proc of the ACM SIGCOMM Conf.Stockholm:ACM Press,2000:295-306.
  • 6ALEX C S,CRAIG PARTRIDGE,LUIS A,et al.Timothy strayer,hash-based IP traceback[C]//Proc of the ACM SIGCOMM Conf.New York:ACM Press,2001:3-14.
  • 7STOICA I,ZHANG H.Providing guaranteed services without per flow management[C]//Proc of ACM SIGCOMM.New York:ACM Press,1999:81-94.
  • 8SONG D,PERRIG A.Advanced and authenticated marking schemes for IP traceback[C]//Proc of the IEEE INFOCOM.Anchorage,Alaska:[s.n.],2001:878-886.
  • 9DEAN D,FRANKLIN M,STUBBLEFIELD A.An algebraic approach to IP traceback[J].ACM Transactions on Information and System Security,2002,5(2):119-137.
  • 10CHEN Zhao-le,LEE M.An IP traceback technique against denial of service attacks[C]//Proc of 19th Annual Computer Security Application Conference (ACSAC '03).[S.l.]:IEEE,2003:96-114.

二级参考文献8

  • 1BELLOVIN S M. ICMP traceback messages[EB/OL]. Intemet Draft:http://www.ieff. org/proccedings/01dec/I-D/draft-ieff-itrace-01.txt.
  • 2STONE R. Centertrack: an IP overlay network for tracking DoS floods[A]. Proc 9th USENIX Sec Symp[C]. 2000.199-212.
  • 3SAVAGE S, et al. Network support for IP traceback[J]. IEEE/ACM Transactions on Networking, 2001,9(3):226-237.
  • 4DAWN X D, SONG P A. Advanced and authenticated marking schemes for IP traceback[A]. INFOCOM 2001, Twentieth Annual Joint Conference of the IEEE Computer and Communications Societies[C]. 2001. 878-886.
  • 5EAN D, FRANKLIN M, STUBBLEFIELD A. An algebraic approach to IP traceback[J]. ACM Transactions on Information and System Security (TISSEC), 2002,5(2): 119-137.
  • 6LIU J, LEE Z J, CHUNG Y C. Efficient dynamic probabilistic packet marking for IP traceback[A]. Networks, ICON2003[C]. 2003.475-480.
  • 7PARK K, LEE H. On the effectiveness of probabilistic packet marking for IP traceback under denial of service attack[A]. INFOCOM 2001,Twentieth Annual Joint Conference of the IEEE Computer and Communications Societies[C].2001.338-347.
  • 8梁丰,赵新建,David Yau.通过自适应随机数据包标记实现实时IP回溯(英文)[J].软件学报,2003,14(5):1005-1010. 被引量:22

共引文献12

同被引文献13

  • 1李德全,徐一丁,苏璞睿,冯登国.IP追踪中的自适应包标记[J].电子学报,2004,32(8):1334-1337. 被引量:33
  • 2陈星星,徐红云.IP追踪中PPM算法的改进研究[J].计算机工程,2006,32(21):164-166. 被引量:5
  • 3STEVENS W R.TCP/IP协议详解卷1:协议[M].范建华,胥光辉,张涛,等译.北京:机械工业出版社,2002.
  • 4ALJIFRI H. IP traceback:a new denial-of-service deterrent[ J ]. IEEE Security and Privacy, 2003,1 (3) : 24 -31.
  • 5SAVAGE S WETHERALL D, KARLIN A, et al. Practical network support for IP traceback[ J]. ACM SIGCOMM Computer Communication Review, 2000,30 ( 4 ) :295-306.
  • 6PENG T,LECKIE C,RAMAMOHANARAO K. Adjusted probabilistic packet marking for IP traceback [ C ]//Proc of the 2rid IFIP Networking Conference. London : Springer-Verlag,2002:697-708.
  • 7StevensWR.TCP/IP协议详解卷1:协议[M].范建华,胥光辉,张涛,等译.北京:机械工业出版社,2002.
  • 8Jone D.Howard,Thomas A.Longstaff.A Common Language for ComPuter Security Incidents.SANDIA report SAND98-8667,Sandia National Laboratories,Oct. 1998.
  • 9Felix Lau,Stuart H.Rubin,Michael H.Smith,et al.Distributed denial of service attacks.In:Proc of IEEE International Conference on Systems,Man,and Cybernetics.Nashville,2000,2275-228.
  • 10刘华普,孔金生,董文丽.改进的强跟踪器自适应滤波信息融合方法[J].微计算机信息,2007,23(19):141-143. 被引量:4

引证文献2

二级引证文献2

计算机应用研究
2007年 第10期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部