期刊文献+

DDOS防御的新方法 被引量:1

A NEW DDOS DEFENSE METHOD
下载PDF
导出
摘要 目前,基于包标记的IP追踪和攻击包识别技术是有效防御分布式拒绝服务攻击的主要手段之一。提出一种基于确定包标记的防御新方法通过在子网中增加跟踪服务器,改变EPS编码方式,并通过边界路由器来追踪和识别攻击数据包。实验表明,方法具有追踪攻击源数量大,没有误报率,可以实现攻击包识别、单包追踪和有效保护网络拓扑的隐秘性等优点。 Currently, IP tracking based on packet marking and attacking package recognition technology is one of the main means for effective protection against DDOS attacks. A new defense method based on determined package marking is proposed in the paper, which, through adding tacking servers within a sub-network, alters EPS coding method, furthermore through border routers, tracks and identifies attack packets. Experimental results have shown that the method bears such advantages as tracking a large number of attack sources, zero false alarm rates, identifying attack packets, tracking sinKle packet and effectively protectin~ network tooolo~ privacy etc.
作者 梁爽
出处 《计算机应用与软件》 CSCD 北大核心 2012年第7期286-287,297,共3页 Computer Applications and Software
关键词 分布式拒绝服务 攻击 防御 包标记 确定性 IP追踪 攻击包识别 DDOS Attacking Defense Packet marking Certainty IP tracking Attack packet identification
  • 相关文献

参考文献4

  • 1Yang B,Hu H, Guo S. Cost-oriented task allocation and hardware redundancy policies in heterogeneous distributed computing systems considering software reliability[J]. Computers and Industrial Engineering, 2009,56(4) :1687 - 1696.
  • 2Herzog P. Open-source security testing methodology manual[ EB/OL]. 2009-12-10. http://isecom, securentled, com/osstmm, es. 2.1. pdf.
  • 3Savage S, Wetherall D, Karlin A, et al. Network Support for IPTraceback [ J]. ACM SIGCOMM Computer Communication Review ,2000,30 (4) :295 -306.
  • 4Belenky A, Ansari N. IP Traceback with Deterministic PacketMarking [ J ]. IEEE Communication Letters,2003,7 (4) : 162 - 164.

同被引文献5

引证文献1

二级引证文献1

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部