期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

分布式拒绝服务防御技术研究 被引量:2

Research on Techniques of DDoS Defense
下载PDF
导出
摘要 分布式拒绝服务(Distributed Denial of service,DDoS)攻击是网络安全的主要威胁之一。由于攻击源多采用虚假源IP地址,对攻击行为的溯源和应急处置工作面临很大困难。文章基于路由器的DDoS防御技术进行了分析,重点研究了边采样算法。通过ISP在传输网络路由器上设置DDoS防御系统是可行和有效的。 DDoS attack is one of main threat to network security. Looking for original address and taking appropriate action face great difficulties because of fake IP address used by hackers. This article analysis thechniques of DDoS defense based on routers, focuses on research of edge sampling algorithm. It is effective and reliable to build up DDos Defense System via ISP's backbone routers.
作者 郑显举
机构地区 成都电子机械高等专科学校计算机工程系
出处 《计算机与数字工程》 2011年第7期109-112,共4页 Computer & Digital Engineering
基金 成都电子机械高等专科学校科研项目(编号:KY051011B)资助
关键词 分布式拒绝服务 网络安全 路由器 IP地址 DDoS network security router IP address
分类号 TP393.08 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献4

二级参考文献21

  • 1[1]CERT Advisory CA-1996-21 TCP SYN flooding and IP spoofing attacks. http://www.cert.org/ advisories/CA-1996-21.html.
  • 2[2]CERT Advisory CA-1998-01 Smurf IP denial-of-service attacks. http://www.cert.org/ advisories/CA-1998-01.html.
  • 3[3]Banga, G., Drusched, P., Mogul, J. Resource containers: a new facility for resource management in server systems. In: OSDI, ed. Proceedings of the 1999 USENIX/ACM Symposium on Operating System Design and Implementation (OSDI'99). New Orleans, LA: OSDI, 1999. 45~58.
  • 4[4]Spatscheck, O., Peterson, L. Defending against denial of service attacks in scout. In: OSDI, ed., Proceedings of the 1999 USENIX/ACM Symposium on Operating System Design and Implementation (OSDI'99). New Orleans, LA: OSDI, 1999. 59~72.
  • 5[5]Meadows, C. A formal framework and evaluation method for network denial of service. In: PCSFW, ed., Proceedings of the 1999 IEEE Computer Security Foundations Workshop. Mordano: IEEE Computer Society Press, 1999. 4~13.
  • 6[6]Savage, S., Wetherall, D., Karlin, A., et al. Practical network support for IP traceback. In: ACM, ed., Proceedings of the ACM SIGCOMM2000. Sweden: ACM, 2000. 295~300.
  • 7[7]Song, D., Perrig, A. Advanced and authenticated techniques for IP traceback. In: INFOCOM ed., Proceedings of the IEEE INFOCOM2001, Anchorage, Alaska: INFOCOM, 2001.
  • 8[8]Park, K., Lee, H. On the effectiveness of probabilistic packet marking for IP traceback under denial of service attack. In: INFOCOM, ed. Proceedings of the IEEE INFOCOM'2001. Anchorage, Alaska: INFOCOM, 2001.
  • 9[9]Ferguson, P., Senie, D. RFC2827: network ingress filtering: defeating denial of service attacks which employ IP source address spoofing. 2000. http://www.ietf.org/rfc/rfc2827.txt.
  • 10[10]Mahajan, R., Bellovin, S., Floyd, S., et al. Controlling high bandwidth aggregates in the network. Technical Report, ACIRI and AT&T Labs Research, 2001. http://www.icir.org/pushback/pushback-Jul01.pdf.

共引文献16

同被引文献4

引证文献2

计算机与数字工程
2011年 第7期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部