期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

随机伪造源地址DDoS攻击下的合法地址识别方法

Identification of legitimate addresses under DDoS attacks withrandom spoofed source addresses
下载PDF
导出
摘要 设计了一种用于统计源地址包数的高效数据结构E—CBF,基于此,提出了随机伪造源地址DDoS攻击发生时合法地址识别算法,其时间复杂性为O(1),同时仅需1MB的内存开销。然后在对识别误差分析的基础上,提出了识别参数调整算法,用以根据当前攻击规模,自动调整检测参数来满足检测精度需求。模拟实验和真实网络数据实验结果均表明,该方法在不同规模的攻击下能自动调整检测参数,快速准确地发现合法源地址。 An efficient data structure called Extended Counting Bloom Filter (E-CBF) was designed to count the number of packets from source IP addresses, and then, based on it, an identifying algorithm with the time complexity of O (1) and the memory space of only 1MB, was proposed for finding legitimate addresses under distributed denial of service (DDoS) attacks with random spoofed source addresses. Based on the analysis of identifying errors, an algorithm for adjusting identifying parameters was also proposed, which can automatically adjust the parameters to satisfy the precision requirement according to attack scales. The simulation and real traffic experiments show that the proposed method can automatically adjust the parameters to fast and accurately identify legitimate addresses under different attack scales.
作者 肖军 云晓春 张永铮 戴磊
机构地区 中国科学院计算技术研究所信息安全研究中心 中国科学院研究生院
出处 《高技术通讯》 CAS CSCD 北大核心 2011年第4期356-362,共7页 Chinese High Technology Letters
基金 863计划(2007AA01Z444,2007AA01Z474,2007AA010501,207AA01Z467)和国家自然科学基金(60573134,60703021)资助项目.
关键词 网络安全 分布式拒绝服务(DDoS) 随机伪造源地址 过滤 BLOOM FILTER network security, distributed denial of service (DDoS), random spoofed source address, filter, Bloom Filter
分类号 TP393.08 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献17

  • 1Computer Emergency Response Team. CERT Advisory CA-2001-01 Denial-of-Service Developments. http://www.cert. org/advisories/CA-2001-01, html: Carnegie Mellon University. 2000.
  • 2Kim H. Longtime battle lines are recast in Russia and Georgia' s cyberwar, http://www. washingtonpost. com/wp -dyn/ content/artical/2008/08/13/AR2008081303623_pf. html: Washington Post. 2008.
  • 3John M. Before the gunfire, eybemttacks. International herald tribune, http://www. iht. com/articles/2008/08/13/ teehnology/13eyber. php:the New York times. 2008.
  • 4China Byte.中国互联网不设防.http://net.chinabyte.com/519DNS:chinabyte.2009.
  • 5David D. The "mstream" distributed denial of service attack tool. http://www, packetstormsecurity.org/distribut ed/ mstream, analysis, txt: packetstorm 2000.
  • 6Pervasivetechnologylabs. Distributed Denial of Service (DDoS) Resources. http://anml. iu. edu/ddos/tools. html: per vasivetechnologylabs. 2001.
  • 7Jin C, Wang H, Shin K. Hop-Count Filtering: an effective defense against spoofed tra~c. In: Proceedings of the 10th ACM conference on computer and communications security. Washington D. C., USA. 2003.30-41.
  • 8Peng T, Leckie C, Ramanohanarao K. Protection from Distributed Denial of Service attack using History-based IP Filtering. In: IEEE International Conference on Communications, Anchorage, Alaska, USA. 2003.482-486.
  • 9Bremler-Barr A, Levy H. Spoofing prevention method. In: Proceedings of the 24th Annual Joint Conference of the IEEE Computer and Communications Societyes, Miami, USA. 2005.536-547.
  • 10Ferguson P, Senie D. Network ingress filtering: Defeating denial of service attacks which employ IP source spoofing. RFC 2827. Intemet Engineering Task Force (IETF). 2000.

二级参考文献2

  • 1王叔子.时间序列分析的工程应用[M].武汉:华中理工大学出版社,1992..
  • 2杜金观 项静怡 等.时间序列分析--建模与预报[M].合肥:安徽教育出版社,1991.79-98.

共引文献106

高技术通讯
2011年 第4期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部