摘要
SYN Flood是一种典型的拒绝服务攻击技术,它利用TCP协议的安全漏洞危害网络,目前还没有很好的办法彻底解决SYN Flood攻击问题。分析了3种现有的SYN Flood防御模型:SYN Cookie、SYN Gateway和SYN Proxy,提出了增强的SYN Proxy防御模型,研究了其相关的防御算法,并基于Linux平台进行了实现,最后对防御模型进行了测试。测试结果表明,增强的SYN Proxy模型能抵御高强度的SYN Flood攻击,较之现有的模型有更好的优越性。
The SYN Flood is a typical denial of service attack technology and endangers the network using the security vulnerabilities of the TCP protocol. There is no good way to completely solve it at present. This paper analyzed the three existing SYN Flood defense model: the SYN Cookie, the SYN Gateway, the SYN Proxy, and put forward the enhanced SYN Flood defense model, and researched the related algorithm, and implemented the model based on linux, and tested the defense model last. The result of the test shows that the enhanced SYN Proxy model can resist the high intensity SYN Flood attack and be better superiority than the existing model.
出处
《计算机科学》
CSCD
北大核心
2013年第11A期210-213,共4页
Computer Science
基金
贵阳学院联合基金项目(黔科合J字LKG[2013]51号)资助
