摘要
本文分析了常见的拒绝服务攻击的检测方法:基于流量的检测、基于源IP地址的检测和基于数据包属性的检测,并讨论了几种检测机制的优缺点。对于拒绝服务攻击的防御,着重分析了基于出口过滤的防御机制、基于数据包危险度的流量控制和IP回溯机制。
In this paper, several methods to detect DoS/DDoS were analyzed,including traffic monitoring, source IP address monitoring, and packet attributes statistics,of whitch the merits and faults were discussed.The defense mechanism such as ingress filtering, dangerous degree and IP trace back were also analyzed.
作者
贾伟峰
陈卫军
JIA Wei-feng, CHEN Wei-jun (Anyang Normal University,Anyang 455000,China)
出处
《电脑知识与技术》
2007年第11期668-669,679,共3页
Computer Knowledge and Technology