期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于改进反向探测的IPv6邻居缓存保护方法 被引量:1

Method of IPv6 neighbor cache protection based on improved reversed detection
下载PDF
导出
摘要 针对IPv6邻居缓存(NC)易被攻击的问题,提出一种改进的反向探测方法(RD+)。该方法首先引入时间戳和报文序列两个选项,分别用于限制报文响应时长以及响应报文匹配;之后,定义RD+队列存储时间戳和报文序号等信息,并设计基于时间戳的随机早期检测(RED-T)算法对RD+队列实施管理以防范拒绝服务(DoS)攻击。实验结果表明,RD+能够有效抵抗邻居缓存欺骗和DoS攻击,与启发式和显式相结合的方法(HE)以及安全邻居发现协议(SEND)相比,其资源消耗较少。 IPv6 Neighbor Cache (NC) was very vulnerable to be attacked,therefore,an improved method named Reversed Detection Plus (RD +) was proposed.Timestamp and sequence were firstly introduced to limit strict time of response and response matching respectively; RD + queue was defined to store timestamp and sequence,and Random Early Detection Based on Timestamp (RED-T) algorithm was designed to prevent Denial of Service (DoS) attacks.The experimental results show that RD + can effectively protect IPv6 NC to resist spoofing and DoS attacks,and compared with Heuristic and Explicit (HE) and Secure Neighbor Discovery (SEND),RD + has a low consumption of resources.
作者 孔亚洲 王振兴 王禹 张连成
机构地区 数学工程与先进计算国家重点实验室
出处 《计算机应用》 CSCD 北大核心 2014年第4期950-954,共5页 journal of Computer Applications
关键词 IPV6 邻居缓存 反向探测 队列管理 拒绝服务攻击 IPv6 Neighbor Cache (NC) reversed detection queue management Denial of Service (DoS) attack
分类号 TP393.08 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献13

  • 1NARTEN T, NORDMARK E, SIMPSON W, et al. RFC 4861, Neighbor Discovery for IP version 6 (IPv6) [ S]. Geneva: IETF, 2007.
  • 2HUANG M. The IPv6 technology research of the next-generation In- ternet [ D]. Nanjing: Nanjing University of Posts and Telecommuni- cations. 2013.
  • 3ZHAO Y. Research of security in IPv6 transition phase [ D]. Bei- jing: Beijing Jiaotong University, 2013.
  • 4ARKKO J, ERICSSON ED, KEMPF J, et al. RFC 3971, Secure Neighbor Discovery (SEND) [ S]. Geneva: IETF, 2005.
  • 5AURA T. RFC 3972, Cryptographically Generated Address (CGA) [ S]. Geneva: IETF, 2005.
  • 6KITAMURA H, ATA S, MURATA M. IPv6 neighbor cache update [ EB/OL]. (2009 - 10 - 19) [ 2013 - 05 - 12]. http://tools, ietf. org/id/draft-kitamura-ipv6 -neighbor-cache-update-00. txt.
  • 7JIANG S, CHEN X, SONG X. Neighbor cache protection in neigh- bor discovery protocol [ EB/OL]. (2010 - 03 - 02) [ 2013 - 04 - 15 ]. http://tools, ieff. org/html/draft-jiang-v6ops-ne-proteetion- 01.
  • 8GASHINSKY I, JAEGGLI J, KUMARI W. RFC 6583, Operational neighbor discovery problems [ S]. Geneva: IETF, 2012.
  • 9ZHANG L. The research of priority checking RED algorithm based on IPv6 network [ D]. Changchun: Jilin University, 2012.
  • 10LIU X. Active queue management algorithm research based on fuzzy model [ D]. Nanjing: Nanjing University of Science and Technolo- gy, 2013.

二级参考文献26

  • 1王建新,周雄伟,杨湘.一种惩罚非适应流的无状态主动队列管理算法[J].系统工程与电子技术,2006,28(12):1935-1939. 被引量:6
  • 2CHEN W, YANG S-H. The mechanism of adapting RED parameters to TCP traffic[J]. Computer Communications, 2009, 32(13/14): 1525 - 1530.
  • 3WEN S, FANG Y, SUN H. Differentiated bandwidth allocation with TCP protection in core routers [ J]. IEEE Transactions on Parallel and Distributed Systems, 2009, 20(1): 34 -47.
  • 4ZHANG Y P, KANG S-R, LOGUINOV D. Delay-independent sta- bility and performance of distributed congestion control [ J]. IEEE/ ACM Transactions on Networking, 2007, 15(4): 838 -851.
  • 5LIM L B, GUAN L, GRIGG A, et al. Controlling mean queuing de- lay under multi-class bursty and correlated traffic [ J]. Journal of Computer and System Sciences, 2011, 77(5) : 898 - 916.
  • 6TAN X H, HUANG Y H, JIN W D. Modeling and performance a- nalysis of self-similar traffic based on FBM [ C]//IFIP Internation- al Conference on Network and Parallel Computing Workshops. Pis- caraway: IEEE, 2007:543-548.
  • 7FLOYD S. HighSpeed TCP for large congestion windows[EB/OL].http://tools.ietf.org/pdf/ffc3649.pdf,2010.
  • 8KUNNIYUR S,SRIKANT R. Analysis and design of an Adaptive Virtual Queue (AVQ) algorithm for active queue management[A].New York:acm Press,2001.123-134.
  • 9ATHURALIYA S,LI H,LOW S H. REM:Active queue management[J].IEEE/ACM Transactions on Networking,2001,(03):48-53.
  • 10CHO H C,FADALI M S,LEE H. Neural network control for TCP network congestion[A].Piscatsway,NJ:IEEE Press,2005.3480-3485.

共引文献7

同被引文献14

引证文献1

二级引证文献1

计算机应用
2014年 第4期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部