摘要
对SIP DDoS攻击的原理和检测算法进行研究,结合SIP协议本身的特点和一般网络中的分布式入侵防御系统,提出一种在高效防御SIP DDoS攻击的同时使用检测算法检测攻击的分布式防御系统,并为该系统设计了负载交互流程和防火墙模块.根据SIP负载均衡算法和检测算法的要求,为分布式防御系统设计了两级负载均衡策略并给出了实现方法,其中一级负载均衡模块根据SIP消息的头域进行转发,保证对话的完整性和检测算法的要求;二级负载均衡模块根据防御检测节点负载进行转发,保证防御检测节点的负载均衡特性.仿真实验结果表明系统的两级负载均衡算法能够在保证检测算法要求的前提下表现出良好的负载均衡特性.
This paper studies the theory of SIP DDoS attack, detection algorithms and the characters of SIP protocol itself. Combined with the distributed intrusion prevention systems in general network, a highly efficient distributed prevention system is proposed and the load interaction process and f'trewall module for the system are designed. The system can detect SIP DDoS attack with detecting al- gorithms while defending attack at the same time. According to the SIP load balance algorithms and the requirements of detection al- gorithms, a two level load balance strategy for the system is designed. The first level load balance module distributes messages according to the head fields of the messages to keep the integrity of dialog and meet the requirements of detecting algorithms. The sec- ond level lord balance module distributes messages according to the load of defending and detecting nodes to keep the load balance of these nodes. The simulation results show that the two level load balance strategy of the system can meet the requirements of detection algorithms and make a good performance of load-balancing features.
出处
《小型微型计算机系统》
CSCD
北大核心
2013年第9期2095-2099,共5页
Journal of Chinese Computer Systems
基金
国家重大专项水专项基金项目(2009ZX07528-006-05)资助
