期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

抗DDoS攻击的主动队列管理算法 被引量:4

Active Queue Management Algorithm to Counter DDoS Attacks
下载PDF
导出
摘要 提出一种能够在DDoS(distributed denial-of-service)攻击下保证现有正常网络流量的弹性随机公平蓝色(resilient stochastic fair blue,简称RSFB)算法.RSFB算法根据数据流标记概率来识别良性数据流,并将识别出的良性数据流记录更新到一个良性数据流队列(benign flow queue,简称BFQ)中.算法再根据BFQ中的良性数据流记录来保证良性数据流数据包的顺利传输.通过开展一系列实验,评估对比了RSFB算法和几个著名主动队列管理(active queue management,简称AQM)算法的抗DDoS攻击性能.实验结果表明,RSFB算法具有如下优点:1)具有高度的健壮性;2)能够在发生DDoS攻击时有效保证现有正常TCP数据流的吞吐率;3)抗DDoS攻击性能明显优于现有的主动队列管理算法. A resilient stochastic fair blue (RSFB) algorithm is proposed to preserve the existing normal network throughput under DDoS attacks. RSFB algorithm identifies benign flows according to their marking probability, which is derived from the stochastic fair blue algorithm. All the identified benign flows are then recorded in a benign flow queue (BFQ). Finally, the RSFB algorithm ensures the transportation of the packets from benign flows to the BFQ. A series of simulations are carried out to evaluate the anti-attack performance of RSFB and a serial of well known AQM algorithms. The results show that the RSFB algorithm i) is highly robust, ii) can well preserve the TCP throughput in the presence of DDoS attacks, iii) and obviously over performs the existing AQM algorithms when facing DDoS attacks.
作者 张长旺 殷建平 蔡志平 刘新旺 林加润 朱明
机构地区 国防科学技术大学计算机学院
出处 《软件学报》 EI CSCD 北大核心 2011年第9期2182-2192,共11页 Journal of Software
基金 国家自然科学基金(60970034 61070198 60803002 60903040)
关键词 主动队列管理 分布式拒绝服务攻击 随机公平蓝色算法 active queue management distributed denial-of-service stochastic fire blue algorithm
分类号 TP393 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献4

二级参考文献38

  • 1卢锡城,张明杰,朱培栋.自适应PI主动队列管理算法[J].软件学报,2005,16(5):903-910. 被引量:19
  • 2纪其进,董永强.一种链路负载自适应的主动队列管理算法[J].软件学报,2006,17(5):1140-1148. 被引量:7
  • 3Braden B, Clark D, Crowcroft J, Davie B, Deering S, Estrin D, Floyd S, Jacobson V, Minshall G, Partridge C, Peterson L,Ramakrishnan K, Shenker S, Wroclawski J, Zhang L. Recommendations on queue management and congestion avoidance in the Internet. RFC2309, Internet Engineering Task Force, 1998.
  • 4Floyd S, Jacobson V. Random early detection gateways for congestion avoidance. IEEE/ACM Trans. on Networking, 1993,1(4):397-413.
  • 5Hollot CV, Misra V, Towsley D, Gong W. A control theoretic analysis of RED. In: Ammar M, ed. Proc. of the IEEE INFOCOM.Anchorage: IEEE Communications Society, 2001. 1510-1519.
  • 6Le L, Aikat J, Jeffay K, Smith FD. The effects of active queue management on Web performance. In: Proc. of the ACM SIGCOMM2003. Karlsruhe, 2003. 265-276. http://www.cs.unc.edu/~jeffay/papers/SIGCOMM-03.pdf
  • 7Floyd S, Gummadi R, Shenker S. Adaptive RED: An algorithm for increasing the robustness of RED's active queue management.2001. http://www.icir. org/~floyd
  • 8Kunniyur S, Srikant R. A time scale decomposition approach to adaptive ECN marking. In: Ammar M, ed. Proc. of the IEEE INFOCOM. Anchorage: IEEE Communications Society, 2001. 1330-1339.
  • 9Athuraliya S, Low S, Li VH, Yin QH. REM: Active queue management. IEEE Network, 2001,15(3):48-53.
  • 10Misra V, Gong WB, Towsley D. Fluid-Based analysis of a network of AQM routers supporting TCP flows with an application to RED. In: Proc. of the ACM SIGCOMM 2000. Stockholm, 2000. 151-160. http://gaia.cs.umass.edu/fluid/

共引文献30

同被引文献32

  • 1刘明,张鹤颖,窦文华.随机指数标记算法的性能分析与控制模型[J].计算机工程与科学,2005,27(9):66-68. 被引量:4
  • 2高海华,杨辉华,王行愚.基于PCA和KPCA特征抽取的SVM网络入侵检测方法[J].华东理工大学学报(自然科学版),2006,32(3):321-326. 被引量:20
  • 3王建新,荣亮,肖雪峰.几种主动队列管理算法的仿真及性能评估[J].计算机工程,2007,33(3):128-130. 被引量:3
  • 4赵峰,张军英.一种KPCA的快速算法[J].控制与决策,2007,22(9):1044-1048. 被引量:14
  • 5Peng J, Sikdar B, Cheng L. Muhicasting with localized control in wireless Ad hoc networks[J]. IEEE Transactions on Mobile Computing,2009,8(1):52-64.
  • 6Guan L, Awan I U. Discrete-time performance analysis of a congestion control mechanism based on RED under multi-class bursty and correlated traffic [J]. Journal of Systems and Software, 2007, 80 (10): 1716-1725.
  • 7Chen C K, Kuo H H, Yan J J. Ga-based PID active queue management control design for a class of TCP communication networks [J]. Expert Systems with Applications, 2009,36(2): 1903-1913.
  • 8Lim L B, Guan L. Controlling mean queuing delay under multi-class bursty and correlated traffic[J]. Elsevier Journal of Computer and System Sciences,2010,77(5):898-916.
  • 9Chen Q, Yang O W W. Robust cont roller design for AQM router[J]. IEEE Transactions on Automatic Control, 2007,52(5) : 938-943.
  • 10Zhang Y, Kang S R, Loguinov D. Delay-independent stability and performance of distributed congestion control[J]. IEEE/ACM Transactions on Networking , 2007,15(5) :838-851.

引证文献4

二级引证文献10

软件学报
2011年 第9期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部