摘要
固定数据包标记(DPM)技术是一种能够处理大规模DDoS攻击的IP追踪技术,而概率数据包标记(PPM)是目前研究得最广泛的IP追踪技术。在分析DPM技术和PPM两种技术优缺点的基础上,结合上述两种基本方法的优点,引入使用自治系统编号和路由器编号作为数据包标记的方法LPM,通过重载IP包头中的偏移域,获得更多的标记空间。模拟结果表明,该算法实现简单,在收敛时间、虚报率和计算负荷等方面都有较好的效果。
Deterministic packet marking(DPM) is an efficient IP traceback technique tackling with large-scale DDoS attacks;and probabilistic packet marking(PPM) has been studied as a promising approach to realize IP traceback.In this paper,based on the analyses on the advantages and disadvantages of DPM and PPM techniques,we combine the advantages of these two fundamental techniques and introduce a lightweight packet marking(LPM) scheme which uses autonomous system number and router ID number as packet marking information.By reloading the offset filed of IP header we obtain more available marking space.Simulation result shows that the LPM scheme is easy to implement and achieves good outcomes in convergence time,false alarm rate and computational overhead.
出处
《计算机应用与软件》
CSCD
2010年第7期197-199,共3页
Computer Applications and Software
关键词
数据包标记
自治系统
IP追踪
Packet marking Autonomous system IP traceback