Abstract
Existing attack-source traceback techniques still have a number of shortcomings: for example, input debugging requires intervention by technical staff, ICMP traceback messages consume network bandwidth, and these methods cannot accurately trace the source of an attack after the fact. A new attack traceback method for collaborative networks, based on the ant colony idea, is proposed. Using the strategy of the ICMP traceback message method, it keeps a "backup" of attack packets on the network monitors and then applies the ant colony algorithm to narrow the scope of path-information queries, so that the attack path can be constructed quickly. Experiments show that the method improves the query speed of traceback information and the accuracy of locating the attack source.
Source
Journal of Zhejiang University of Technology (《浙江工业大学学报》)
CAS
2012, No. 6, pp. 666-669 (4 pages)
Funding
Supported by the Natural Science Foundation of Zhejiang Province (X105739)
Keywords
intrusion detection system
source of attack
pheromone