互联网假冒源地址攻击的分类

Classification of source address spoofing in the Internet

导出

摘要假冒源地址攻击具有容易实施、不易被追溯的特点,这种攻击行为在互联网上日益猖獗。该文总结了互联网假冒源地址问题、探索其攻击的各种形式、分析其带来的危害。将假冒源地址攻击用3个基本要素描述为:攻击者A,攻击目标V和被假冒主机H。根据H与A和V的相对拓扑结构,将假冒源地址攻击归纳为在网外H0、攻击目标H1、攻击目标子网H2、攻击者子网H3、攻击者与攻击目标路径上H4及其他H56类。这将有助于清晰地理解真实地址问题,指导假冒源地址防御技术的设计,为建立保证源地址真实性的互联网体系结构奠定基础。 Source address spoofing has become a widely used mechanism for attacks because it can be easily launched and is difficult to defend against and trace. Therefore, the classification of network attacks based on source address spoofing is very important. This paper presents a survey of the modes of source address spoofing and their effect on the Internet. The source address spoofing attacks are related to the attacker, the victim and the spoofed host. Source address spoofing attacks can be classified into six categories based on the position of the host being spoofed. This classification clarifies the problems of source address spoofing which will lead to improved prevention methods as a foundation of a trustworthy Internet architecture.

作者栗培国毕军姚广

机构地区清华大学信息网络工程研究中心

出处《清华大学学报（自然科学版）》 EI CAS CSCD 北大核心 2009年第8期1237-1240,共4页 Journal of Tsinghua University(Science and Technology)

基金国家"九七三"重点基础研究发展计划(2009CB320501) 国家"十一五"科技支撑计划(2008BAH37B02)

关键词假冒源地址攻击分类 IP伪造 source address spoofing classification of attacks IP spoofing

分类号 TP393 [自动化与计算机技术—计算机应用技术]

引文网络
相关文献

参考文献16

1Tanase M. IP spoofing introduction [OL]. (2003-03-11). http: //www. securityfocus, com/infocus/ 1674.
2MIT IP spoofer project website [OL]. [2008 05-26] http: //spooler. csail, mit. edu/summary, php.
3Computer Emergency Response Team (CERT). TCP SYN flooding and IP spoofing attacks [OL]. (2000-11-29). http: //www. cert. org/advisories/CA-1996-21, html .
4Wang H, Jin G, Shin K G. Defense against spoofed IP traffic using hop-count filtering [J]. ACM Transactions on Networking, 2007, 15(1): 40-53.
5Moore D, Voelker G, Savage S. Inferring internet denial-of-service activity [J]. ACM Transactions on Computer Systems, 2006, 24(2) : 115 - 139.
6Santiraveewan V, Permpoontanal.arp Y. A graph-based methodology for analyzing IP spoofing attack [C]//18th AINA. Washington: IEEE Press, 2004:227-231.
7Ferguson P, Senie D. Network ingress filtering: defeating denial of service attacks which employ IP source address spoofing [R/OL]. (2000-05-01). RFC 2827, 2000. http: //www. ietf. org/rfc2827, txt?number = 2827.
8Jin G, Wang H, Shin K G. Hop-count filtering: An effective defense against spoofed DDoS traffic [C]//Proc 10th ACM Conference on Computer and Communication Security. New York: IEEE Press, 2003:30 - 41.
9Lee K, Kim J, Kwon K H, et al. DDoS attack detection method using cluster analysis [J]. Expert Systems with Applications, 2008, 34(3) : 1659 - 1665.
10Eddy W. Defenses against TCP SYN flooding attacks [J]. The Internet Protocol Journal, 2006, 9(4): 2- 16.

1陈磊.网络ARP问题的简析和改造[J].常州信息职业技术学院学报,2013,12(3):24-27.
2栗培国,毕军,周子建.基于Backscatter技术的假冒源地址攻击研究[J].中国海洋大学学报（自然科学版）,2008,38(S1):125-128.
3刘武,段海新,吴建平,李星,陈俏.基于真实IPv6地址的P2P邮件系统研究与实现[J].厦门大学学报（自然科学版）,2007,46(A02):1-5. 被引量：1
4秦晓明,赵建功,姜建国.序列检测在DDoS检测中的应用[J].计算机工程,2009,35(4):146-148. 被引量：3
5上官晋太,党雅文.4阶收敛的三次卷积插值算法及其边界条件[J].山西大学学报（自然科学版）,2012,35(3):487-492.
6王轩骞.天旋地转[J].大众软件,2000(A05):91-97.
7梁少峰.网络服务器的虚拟化提升[J].电子技术与软件工程,2013(14):20-20. 被引量：1
8柴建民,杨旭,张柒荣.FPU—H3罐处理器的技术特点及应用[J].中国仪器仪表,2005(2):77-79.
9韩书葵,方跃法,朱大昌.基于螺旋理论四自由度机器人分析[J].机械设计与研究,2005,21(6):30-32. 被引量：1
10李延军,陈玮.基于VRML的虚拟校园漫游系统设计与实现[J].自动化与信息工程,2008,29(2):46-48. 被引量：5

清华大学学报（自然科学版）

2009年第8期

浏览历史

内容加载中请稍等...

互联网假冒源地址攻击的分类

参考文献16

相关作者

相关机构

相关主题

浏览历史