期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

一种针对LDoS攻击的分布式协同检测方法 被引量:4

Distributed Collaborative Detection Method for LDoS Attacks
下载PDF
导出
摘要 针对近年来提出的一类新型攻击——低速率拒绝服务攻击(LDoS:Low-rate Denial of Service),提出一种位于中间网络的分布式协同检测方法DCLD(Distributed Collaborative Ldos Detection).该方法运用小波分析从多角度对LDoS攻击进行特征提取,并根据D-S证据理论,组合各种特征证据对攻击进行综合判决.各检测节点之间采用分布式协同算法实现信息交互.模拟实验结果表明,DCLD能够以较高精确度检测LDoS攻击及其分布式形式,并于靠近攻击源处对其进行响应,有效减小了攻击及防范机制本身对合法流量的影响. Low-rate Denial-of-Service, very different form traditional flooding DoS attacks, is a new kind of attacks. A distributed collaborative detection method DCLD(Distributed Collaborative LDoS Detection)which is deployed in the middle network defending against this kind of attacks and their distributed forms is presented. Attack traffic features are extracted using multi-scale wavelet analysis. Then, the feature-evidences are combined to make integrating judgement based on the D-S evidence theory. A distributed collaborative algorithm is also proposed, detection nodes exchange their information to realize collaborative detection through it. Simulation experiments show that DCLD can reach high detection accuracy and defenses the attacks near the sources, consequently mitigates the impacts of both attacks and defense mechanism on legitimate traffics.
作者 何炎祥 刘陶 韩奕 熊琦 曹强
机构地区 武汉大学计算机学院 武汉大学软件工程国家重点实验室
出处 《小型微型计算机系统》 CSCD 北大核心 2009年第3期425-430,共6页 Journal of Chinese Computer Systems
基金 国家自然科学基金项目(60642006 60773008)资助
关键词 低速率拒绝服务攻击 分布式协同检测 小波分析 D-S证据理论 LDoS attacks distributed collaborative detection wavelet analysis D-S evidence theory
分类号 TP393 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献18

  • 1Kuzmanovic A, Knightly E. Low-rate TCP-targeted denial of service attacks--the shrew vs. the mice and elephants[C]. In Proc. of 2003 ACM SIGCOMM, Karlsruhe, Germany, 2003.
  • 2Mun Choon Chan, Ee-chien Chang, Liming Lu, et al. Effect of malicious synchronization [C]. In Appled Cryptography and Network Security, Singapore, 2006.
  • 3Mina Guirguis, Azer Bestavors, Ibrahim Matta, et al. Reduction of quality (RoQ) attacks on internet end-systems[C]. In Proceedings of the 24th IEEE INFOCOM (INFOCOM'05), Miami, Florida, 2005.
  • 4Mina Guirguis, Azer Bestavors, Ibrahim Matta, et al. Exploiting the transients of adaptation for RoQ attacks on internet resources[C]. In Proceedings of the 12th IEEE International Conference on Network Protocols (ICNP' 04), Berlin, Germany, 2004.
  • 5Kuzmanovic A, Knightly E. Low-rate TCP-targeted denial of service attacks and counter strategies [J]. In IEEE/ACM Transactions on Networking, 2006, 4(14) :
  • 6Guang Yang, Gerla M, Sanadidi M Y, et al. Defense against low-rate TCP-targeted denial-of-service attacks[C]. In The 9th IEEE Symposium on Computers and Communications (ISCC 2004), Alexandria, Egypt, 2004.
  • 7Haibin Sun, Lui J C, Yau D K, et al. Defending against lowrate TCP attaek: dynamie deteetion and protection[C]. In Proceedings of the 12th IEEE International Conferenee on Network Protoeols(ICNP' 04), Berlin, Germany, 2004.
  • 8Yu Chen, Huang K. Collaborative detection and filtering of shrew DDoS attacks using spectral analysis[J]. Journal of Parallel and Distributed Computing, Special Issue on Security in Grids and Distributed Systems, 2006, 66(9):
  • 9Yu-Kwong Kwok, R T, Yu Chen, et al. HAWK: halting anomalies with weighted choking to rescue well-behaved TCP sessions from shrew DDoS attacks[C]. In ICCNMC 2005, Germany, 2005.
  • 10McCanne S, Floyd S. ns-LBNL network simulator[EB/OL]. http://www-nrg, ee. lbl. gov/ns/, 2006.

二级参考文献4

共引文献55

同被引文献27

  • 1Kuzmanovic A, Knightly E W. Low-rate TCP-targeted denial of service attacks and counter strategies[J].IEEE/ACM Transactions on Networking, 2006, 14(4): 683-696.
  • 2Guirguis M, Bestavros A, Matta I. Exploiting the transients of adaptation for RoQ attacks on internet resources[C]//Proceedings of the 12th IEEE International Conference on Network Protocols. Berlin: IEEE Computer Society, 2004:184-195.
  • 3Guirguis M, Bestavros A, Matta I, et al. Reduction of quality (RoQ) attacks on internet end-systems [C]// Proceedings of the 24th Annual Joint Conference of the IEEE Computer and Communications Societies. Miami: IEEE Computer Society, 2005: 1 362-1 372.
  • 4Luo X, Chang R. On a new class of pulsing denial-ofservice attacks and the defense[C]// Proceedings of Network and Distributed System Security Symposium. San Diego: Internet Society, 2005:67-85.
  • 5Zhang Ying, Mao Z M, Wang Jia. Low-rate TCP- targeted DoS attack disrupts internet routing[C]// Proceedings of Network and Distributed System Security Symposium. San Diego: Internet Society, 2007: 135-146.
  • 6Sun H, Lui J, Yau D. Defending against low-rate TCP attacks: dynamic detection and protection[C]// Proceedings of the 12th IEEE International Conference on Network Protocols. Berlin: IEEE Computer Society, 2004:196-205.
  • 7Chen Y, Hwang K. Collaborative detection and filtering of shrew DDoS attacks using spectral analysis [J]. Journal of Parallel and Distributed Computing, 2006. 66(9): 1 137-1 151.
  • 8Kwok Y K, Tripathi R, Chen Yu. Halting anomalies with weighted choking to rescue well-behaved TCP sessions from shrew DDoS attacks[C]// Proceedings of Networking and Mobile Computing. Zhangjiajie:Lecture Notes in Computer Science, 2005:423-432.
  • 9Dong K, Yang S B, Wang S L. Analysis of low-rate TCP DoS attack against FAST TCP[C] // Proceedings of the Sixth International Conference on Intelligent Systems Design and Applications. Jinan:IEEE Computer Society, 2006:86- 91.
  • 10Wei Wei, Dong Yabo, Lu Dongming, et al. A novel mechanism to defend against low-rate denial-of-service attacks[C]// Proceedings of Intelligence and Security Informatics. San Diego: Lecture Notes in Computer Science, 2006: 261-271.

引证文献4

二级引证文献1

小型微型计算机系统
2009年 第3期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部