摘要
利用有限状态机对BGP协议进行分析,结果表明使用BGP协议通信的路由器其路由表更新机制存在安全漏洞,在此基础上,提出一种针对BGP路由器的分布式拒绝服务(DDoS)攻击方法,并根据BGP路由器的通信数据,设计实现一款测试软件RouterTest用于模拟对路由器的DDoS攻击,实验结果证明了该攻击方法的有效性,并针对该攻击提出相应的防范措施。
This paper uses Finite State Machine(FSM) to analyze Border Gateway Protocol(BGP),whose results show that the update mechanism of BGP routers has safe defects.A Distributed Denial of Service(DDoS) attack method is proposed for routers with BGP.According to the communication data of BGP routers,a test software named RouterTest is designed and implemented to simulate DDoS attacks on routers.Experimental results demonstrate the effectiveness of the attack.Corresponding precautions against the attacks are also proposed.
出处
《计算机工程》
CAS
CSCD
2012年第19期103-106,共4页
Computer Engineering
基金
国家自然科学基金资助项目(60803155)
关键词
路由器
BGP协议
分布式拒绝服务攻击
有限状态机
路由表计算
router
Border Gateway Protocol(BGP)
Distributed Denial of Service(DDoS) attack
Finite State Machine(FSM)
routing table computing
