摘要
为了在IPv4网络下进一步提高防御DDoS攻击的实时性,提出DDoS防御系统的构想,将客户端防御系统与自适应包标记有效地结合起来,既可以检测防御DDoS攻击,又可以进行追踪攻击源;同时提出一个新的标记方案,该方案利用了TTL域和改进的自适应包标记的方法。与其他标记方法相比,其具有灵活性好、误报率低、计算量小的优点。经验证该系统用较少的数据包即可重构攻击路径,在最大限度上降低了攻击造成的损失。
The real-time characteristic of thwarting DDoS attacks needs to be improved based on IPv4. The paper proposed one kind of DDoS attack defending solution that could both detect and make use for DDoS attack source traceback. Proposed a new packet marking scheme by using TrL and adaptive packet marking which was more prompt because of fewer packets needed, more scalable and more efficient in computation compared with other schemes. It also can reduce the number of packets needed for attack path reconstruction and save the loss furthest under real-time attacks.
出处
《计算机应用研究》
CSCD
北大核心
2009年第6期2119-2121,共3页
Application Research of Computers
基金
黑龙江省高等学校青年学术骨干支持计划资助项目(1151G075)
船舶行业基金资助项目(05J3.7.2)
关键词
分布式拒绝服务攻击
自适应包标记
流量特征
数据包
DDoS (distributed denial of service attack)
adaptive packet marking
traffic character
packet
