摘要
针对DDOS和蠕虫的特点,提出了一种NeTraMet和QOS相结合的主动防御机制,实现对DDOS和蠕虫经济高效的防治。在蠕虫检测上考虑了无特征蠕虫和有特征蠕虫两种情况;一般基于流量的DDOS检测方法预警时,网络实际已经受到一定程度的攻击而且发生阻塞,为了能够更早预警DDOS攻击,提高网络生存性,在DDOS检测中提出了可疑流量线,当流量达到可疑流量和攻击流量之间时,就启动防御机制,利用路由器的QOS功能,尽量减少攻击流的消耗带宽,维持网络正常服务。最后在NS2中进行模拟验证。
According to characteristics of DDOS and worm, a proactive defense mechanism based on NeTraMet and QOS which implements economical and high-efficiency defense of DDO S and worm is presented. They considered two situations of characteristic worm and no characteristic worm on worm detection; usually when DDOS detection method based on traffic warns, network has been attacked and blocked to some degree in fact, so they developed suspicious traffic line in order to find out DDOS attack flows early on DDOS detection and improve network survivability, and when traffic is between suspicious traffic and attack traffic, proactive defense system is proposed which can reduce bandwidth consumption by attack flows and maintain network normal service with QOS of router. It is simulated and testified in NS2 at last.
出处
《计算机工程与设计》
CSCD
北大核心
2007年第20期4891-4894,共4页
Computer Engineering and Design
基金
南京农业大学青年科技创新基金项目(KJ05022)
