期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

DDoS攻击下RED算法的仿真研究

Simulation Study of RED Algorithm under DDoS
下载PDF
导出
摘要 DDoS(分布式拒绝服务)攻击数据流在发生网络拥塞的情况下并不降低它们的发送速率,充满了路由器的缓冲区,剥夺其他正常数据流的带宽。基于这一网络行为,从拥塞控制的角度来研究DDoS攻击目标端的防御机制。然后在模拟DDoS攻击环境下,对基于路由器的拥塞控制算法RED(随机早期检测)进行了仿真实验研究。实验发现,在DDoS攻击下,一些数据量很大的攻击流会大量占用带宽,从而导致了各流量之间带宽分配的不公平性,据此对拥塞控制机制提出了进一步的改进。 DDoS flows that do not cut down their sending rates after their packets are dropped will hog the buffer space at routers and deprive all other flows of their fair share of bandwidth. Based on the network behaviour,study the prevention mechanism of DDoS from the aspect of congestion control. And in the simulation environment of DDoS, study the RED (Random Early Detection) algorithm that is a congestion control mechanism based on routers. Simulation results show that RED provides little protection from highbandwidth flows that take much wide bandwidth,which can result in extreme unfairness among per- flow. Based on the point,put forward further improvement for the mechanism of congestion control.
作者 忽海娜 张虎 王中立
机构地区 许昌学院
出处 《计算机技术与发展》 2010年第2期178-181,共4页 Computer Technology and Development
基金 河南省科技厅科技攻关项目(0624470019)
关键词 分布式拒绝服务 随机早期检测 拥塞控制 DDoS random early detection congestion control
分类号 TP393.08 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献7

  • 1杨凯锋,洪佩琳,束永安,李津生.Internet路由器中的拥塞控制策略[J].小型微型计算机系统,2000,21(4):353-356. 被引量:6
  • 2仲燕,孙知信.路由器防范拒绝服务攻击技术研究[J].南京邮电学院学报(自然科学版),2005,25(6):90-94. 被引量:1
  • 3Garher L. Denia - of-Servic Attacks Rip the Internet [ J ]. Computer,2000,33 (4) : 12 - 17.
  • 4Lee R B. CE- L 2003 - 003, Taxonomies of Distrihuted Denial of Service Networks, Attacks, Tools, and Countermeasures[R]. Department of Electrical Engineering, Princeton University,2003.
  • 5忽海娜,冯浩,王中立.DDoS攻击下高带宽聚类的控制[J].计算机技术与发展,2008,18(4):155-157. 被引量:2
  • 6Braden B, Clark D. Recommendations on Queue Management and Congestion Avoidance in the lntemet[S]. RFC2309. Network Working Group, 1998.
  • 7Floyd S, Jaoobson V. Random early detection gateways for eongesti onavoidance[J ]. IEEE/ACM Transactions on Networking, 1993,1 (4) :397 - 413.

二级参考文献29

  • 1周明天,TCP/IP网络原理与技术,1993年
  • 2ARPACI M,UZUNALIOGLU H,COPELAND J.TCP Performance over Heterogeneous Networks[A].Proceedings of the 25th Annual IEEE Conference on Local Computer Networks[C].2000.536~541.
  • 3FLOYD S,JACOBSON V.Random early detection gateways for congestion avoidance[J].IEEE/ACM Trans on Networking,1993,1(4):397~413.
  • 4BRADEN R,CLARK D,CROWCROFT J,et al.Recommendations on queue management and congestion avoidance in the Internet[S].RFC 2309,Apr 1998.
  • 5IOANNIDIS J,BELLOVIN S.Implementing pushback:router defense against DDoS attacks[EB/OL].http://www.isoc.org/isoc/conferences/ndss/02/proceedings/papers/ioanni.pdf,2002.
  • 6MAHAJAN R,BELLOVIN S M,FLOYD S,et al.Controlling high bandwidth aggregate in the network[EB/OL].http://www.icir.org/pushback/pushback-Julol.pdf
  • 7JUNG J,KRISHNAMURTHY B,RABINOVICH M.Flash crowds and denial of service attacks:Characterization and implications for CDNs and web sites[A].In:Proceeding of 11th Word Wide Web conference[C].Honolulu,Hawaii,USA,2002.
  • 8HUSSAIN A,HEIDEMANN J,PAPADOPOULOS C.A Framework for Classifying Denial of Service Attacks[A].In:Proceedings of ACM SIGCOMM[C].2003.99~110.
  • 9MIRKOVIC J,PRIER G,REIHER P.Attacking DDoS at the source[A].Network Protocols[C].2002.312~321.
  • 10FAN Y,HASSANEIN H,MARTIN P.Proactively defeating distributed denial of service attacks[A].Electrical and Computer Engineering[C].Canadian,2003.1047~1050.

共引文献6

计算机技术与发展
2010年 第2期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部