期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

Web服务中基于流量监控的DDoS攻击防范机制 被引量:3

Defense mechanism against DDoS attacks aiming at Web service based on traffic monitor
下载PDF
导出
摘要 提出一种基于流量监控的针对Web服务的DDoS攻击防范机制。使用Linux内核的安全选项、Linux虚拟服务器、iptables防火墙以及基于类的排队等技术搭建防范DDoS攻击的Web服务器系统环境,设计、实现了流量监控器和分析工具来检测可能发生的DDoS攻击,并降低其危害。实际测试表明,该机制能有效检测和防范常见的针对Web服务的DDoS攻击。 A defense mechanism against DDoS attacks aiming at Web service based on traffic monitor is proposed.Using the Linux kernel security options,Linux virtual server,iptables firewall and class-based queuing to set up Web server environment, this paper designs and implements traffic monitor and analysis tools to detect possible DDoS attacks and defend against them.The experiment results reveal that this mechanism can effectively detect and defend common DDoS attacks aiming at Web service.
作者 王秀利
机构地区 中央财经大学信息学院
出处 《计算机工程与应用》 CSCD 北大核心 2008年第36期115-118,211,共5页 Computer Engineering and Applications
基金 中央财经大学"中财121人才工程"青年博士发展基金项目(No.QBG0702)~~
关键词 分布式拒绝服务攻击 流量监控 负载均衡 基于类的排队 WEB服务 Distributed Denial of Service(DDoS) traffic monitor load balancer class-based queuing Web service
分类号 TP393 [自动化与计算机技术—计算机应用技术] TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献12

  • 1李明柱 时忆杰.黑客攻击与安全防范[M].北京:北京航空航天大学出版社,2002..
  • 2Michael H,Angelos D,Keromytis A.A secure PLAN[C]//Lecture Notes in Computer Science:Proceedings of the International Working Conference on Active Networks.[S.l.]:Springer-Verlag, 1999, 1653 : 307-314.
  • 3Lau F,Rubin S H,Smith M H,et al.Distributed denial of service attacks[C]//Proceedings of IEEE International Conference on Systems,Man,and Cybernetics.New York:IEEE Press,2000:2275-2280.
  • 4Dittrich D.The "mstream" distributed denial of service attack tool [EB/OL].http://staff.Washington.edu/dittrich/misc/mstream.analysis.txt.
  • 5Mirkovic J,Reiher P.A taxonomy of DDoS attack and DDoS defense mechanisms[J].ACM SIGCOMM Computer Communication Review, 2004,34 : 39-53.
  • 6Kencl L,Schwarzer C.Traffic adaptive packet filtering of denial of service attacks[C]//Proceedings of the 2006 International Symposium on world of Wireless,Mobile and Multimedia Networks, Washington, 2006 : 485-489.
  • 7Stavrou A,Cook D,Morein W,et al.WebSOS:An overlay-based system for protecting Web servers from denial of service attacks[J]. The International Journal of Computer and Telecommunications Networking, 2005,48 : 781-807.
  • 8王秀利,王永吉,周辉,蔡开元.基于D稳定域和ITAE准则的主动队列管理算法[J].软件学报,2007,18(12):3092-3103. 被引量:8
  • 9Wang Xiuli,Wang Yongji,Zhou Hui,et al.PSO-PID:A novel controller for AQM routers[C]//Proceedings of IEEE and IFIP International Conference on Wireless and Optical Communications Networks (IEEE/IFIP WOCN), Bangalore, India.New York: IEEE Press, 2006:1-5.
  • 10Mack J.LVS-HOWTO and LVS-mini-HOWTO[EB/OL].http://www. austintek.com/LVS/LVS-HOWTO.

二级参考文献24

  • 1卢锡城,张明杰,朱培栋.自适应PI主动队列管理算法[J].软件学报,2005,16(5):903-910. 被引量:19
  • 2纪其进,董永强.一种链路负载自适应的主动队列管理算法[J].软件学报,2006,17(5):1140-1148. 被引量:7
  • 3Shenker S.Fundamental design issues for the future Internet[J].IEEE Journal on Selected Areas in Communications, 1995; 13(7): 1176~1188
  • 4Jacobson V.Congestion avoidance and control[J].ACM Computer Communication Review, 1988; 18(4) :314~329
  • 5Jain R.Congestion control in computer networks:issues and trends[J].IEEE Network Magazine, 1990;4(3) :24~30
  • 6http://www.opnet.com
  • 7Bagrodia R,Meyer R et al.PARSEC:a parallel simulation environment for complex system[J].IEEE Computer, 1998-10
  • 8COST253:Cooperation in the field of scientific and technical research. http://www.eeng.brad.ac.uk/Research/cost253/
  • 9Franck L,Potorti F.GaliLEO:a simulation tool for LEO satellite constellations[J].SIMULATION:Transactions of The Society for Modeling and Simulation International,2002;78(9)
  • 10Keshav S.REAL:a network simulator[R].Technical Report 88/472,University of California,Berkeley, 1988

共引文献18

同被引文献19

引证文献3

二级引证文献6

计算机工程与应用
2008年 第36期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部