摘要
针对基于直接广播的DRDoS攻击,本文提出了一种简单高效的攻击源溯源方法 ROPMS(Reflector Oriented Probabilistic Marking Scheme).该方法依据DRDoS攻击特征分析结果,为路由节点制定了标记策略,结合线性代数理论与概率数据包标记思想,针对攻击拓扑中的边与路由节点同时实现标记.在攻击拓扑恢复算法中,通过两种标记交叉验证实现攻击路径的正确恢复.相比其它IP Traceback方法,该方法在构建攻击拓扑过程中不需要事先掌握ISP网络拓扑结构,具有较强的适用性、较好的抗干扰性和安全性.仿真实验表明,相比CHEN等人提出的方法,该方法在收敛性和全路径恢复准确性等方面体现了较强的优势,能够有效的应对大规模DRDoS攻击行为.
This paper presents a high performance and secure IP Traceback method named ROPMS ( Verifiable Probabilistic Marking Scheme ) for large scale DDoS ( Distributed Denial of Service }. Taking advantage of algebraic coding theory and Probabilistic Packet Marking method { PPM }, ROPMS marks the edges and nodes of the attacking topology simultaneously. To restore the attacking path precisely, we cross verify those two markers. ROPMS outperforms existing IP Traceback methods in applicability, anti-interference and security. Furthermore, Our method can successfully reconstruct the attacking topology without any information of the ISP network topology. Our simulation experiments demonstrate that our method outperforms the method of Chen et al. in convergence and the accuracy of the full path restoring and our method can defend the large scale DRDoS.
出处
《小型微型计算机系统》
CSCD
北大核心
2014年第10期2313-2318,共6页
Journal of Chinese Computer Systems
基金
国家自然科学基金项目(61272147)资助
关键词
网络
分布式拒绝服务
分布式反射拒绝服务
IP溯源
数据包标记
network
distributed denial of service
distributed reflection denial of service
IP traceback
packet marking
