摘要
目前对于拒绝服务攻击(DoS)和分布式拒绝服务攻击(DDoS),概率包标记(PPM)和高级包标记方案(AMS)是有效的IP追踪技术,但其存在很大的误报率,不能快速追踪到攻击者。在AMS的基础上改进了包标记方法,合理假设在一个自治系统中,采用节点标记方法,经理论分析能降低误报率;经实验验证用较少的数据包就可以快速准确地定位到攻击者。
Probabilistic packet marking and advanced marking schemes are effective technique for IP traceback. However, they use the edge sampling method which exists the large false positive rate and can' t fast trace the attacker. Based on reasonable hypothesis, in a large autonomous system, this paper improved AMS with node sampling, which could reduce the false positive rate by theoretical analysis, could quickly and accurately locate the attacker by experimental verification.
出处
《计算机应用研究》
CSCD
北大核心
2008年第12期3739-3740,3746,共3页
Application Research of Computers
基金
国防预研基金资助项目(A1420061266)
