期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于拥塞参与度的分布式低速率DoS攻击检测过滤方法 被引量:4

An Approach of Detecting Distributed Low-Rate DoS Attack Based on the Congestion Participation Rate
下载PDF
导出
摘要 分布式低速率拒绝服务攻击(DLDoS)利用已有网络协议和网络服务中自适应机制的漏洞发起攻击,其攻击效率和隐蔽性比传统洪泛式分布式拒绝服务攻击(DDoS)高得多,更加难于检测和防御。本文对DLDoS攻击进行了建模和形式化,提出了基于拥塞参与度的DLDoS攻击检测过滤方法。实验分析表明,该方法能有效检测DLDoS攻击,并降低误报率。 Distributed Lowrate DenialofService attacks (DLDoS) exploit the vulnerability of the adaptive behaviours exhibited by network protocols and network services. Its attack efficiency and ability of concealment are far higher than the traditional floodingbased DDoS attacks, thus it is harder to detect and defense. In this paper, we first model and formalize the DLDoS attacks, and then propose an approach of detecting DLDoS based on the congestion participation rate (CPR). Experiments and analysis demonstrate that the approach can detect the DLDoS attacks accurately and reduce the false alarm rate drastically.
作者 张长旺 殷建平 蔡志平 祝恩 程杰仁
机构地区 国防科技大学计算机学院 湘南学院数学系
出处 《计算机工程与科学》 CSCD 北大核心 2010年第7期49-52,共4页 Computer Engineering & Science
基金 国家自然科学基金资助项目(60603062) 湖南省自然科学基金资助项目(06JJ3035) 湖南省教育厅资助科研项目(07C718)
关键词 分布式低速率拒绝服务攻击 拥塞参与度 建模和形式化 攻击检测 DLDoS attack congestion participation rate modeling and formalization attack detection
分类号 TP393.08 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献6

  • 1Kuzmanovic A, Knightly E W. 12ow-Rate TCP-Targeted Denial of Service Attacks - (The Shrew vs. the Mice and Elephants) [C]//Proc of ACM SIGCOMM' 03, 2003 : 75-86.
  • 2Sarat S, Terizis A. On the Effect of Router Buffer Sizes on Low-Rate Denial of Service Attacks[C]//Proc of the Int'l Conf on Computer Communications and Networks, 2005:281- 286.
  • 3Sun H B, Lui J C S, Yau D K Y. Distributed Mechanism in Detecting and Defending Against the Low-Rate TCP Attack [C]//Proc of the 12th IEEE Int'l Conf on Network Protocols,2004 : 2312-2330.
  • 4Luo X, Chang R. On a New Class of Pulsing Denial-of-Service Attacks and the Defense[C]//Proc of the Network and Distributed System Security Symp, 2005:2-5.
  • 5Chen Y, Hwang K. Collaborative Detection and Filtering of Shrew DDoS Attacks Using Spectral Analysis[J]. Journal of Parallel and Distributed Computing, 2006,66(9) : 1137-1151.
  • 6Wei W, Dong Y B, Lu D M, et al. A Novel Mechanism to Defend Against Low-Rate Denial-of-Service Attacks[C] //Proe of the IEEE Int'l Conf on Intelligence and Security Informatics, 2006 : 261-271.

同被引文献22

  • 1陈丽,陈静.基于支持向量机和k-近邻分类器的多特征融合方法[J].计算机应用,2009,29(3):833-835. 被引量:14
  • 2Luo X P, Chang K C. On a New Class of Pulsing Denial-of-service Attacks and the Defense[ C ]//Network and Distributed System Security Symposium ( NDSS'05 ). San Diego, CA,2005:2 - 5.
  • 3Kuzmanovic A,Knightly E W. Low-rate TCP-targeted Denialofserviceattacks: the Shrew vs the Mice and Elephants [ C ]// Proc of ACM SIGCOMM' 03. Karlsruhe. ACM Press,2003:75 - 86.
  • 4Sarat S, Terzis A. On the Effect of Router Buffer Sizes on Low-ratedenial of Service Attacks [ C ]//14th International Conference on Computer Communications and Networks ( ICCCN 2005 ). San Diego : IEEE Press, 2005 : 281 - 286.
  • 5Sun H,Lui J, Yau D. Defending Against Low-rate TCP Attacks:Dynamic Detection and Protection [ C ]//the 12th IEEE International Conference on Network Protocols( ICNP 2004). Berlin:IEEE Computer Soc,2004:196 -205.
  • 6Chen Y, Hwang K. Collaborative Detection and Filtering of Shrew DdoS Attacks Using Spectral Analysis [ J]. Journal of Parallel and Distributed Computing,2006,66 ( 9 ) : 1137 - 1151.
  • 7Wei W, Dong Y B, Lu D M. A Novel Mechanism to Defend Against Low-rate Denial-of-service Attacks [ J ]. Journal of Compuer Science ,2006,3975:261 - 271.
  • 8何炎祥,刘陶,曹强,熊琦,韩奕.低速率拒绝服务攻击研究综述[J].计算机科学与探索,2008,2(1):1-19. 被引量:20
  • 9魏蔚,董亚波,鲁东明,金光.低速率TCP拒绝服务攻击的检测响应机制[J].浙江大学学报(工学版),2008,42(5):757-762. 被引量:5
  • 10吴志军,岳猛.基于卡尔曼滤波的LDDoS攻击检测方法[J].电子学报,2008,36(8):1590-1594. 被引量:15

引证文献4

二级引证文献34

计算机工程与科学
2010年 第7期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部