摘要
模仿人类行为的HTTP洪水是一种分布式拒绝服务攻击.提出一种抵御方法,它包括三个关键点:使用会话号标示请求者身份,通过分析单位时间的请求消息序列发现傀儡主机,通过丢弃或修改傀儡主机的请求消息中断其攻击.基于该方法实现了一种软件防火墙,它包括统计模块和转发模块,统计模块用于发现傀儡主机,转发模块用于丢弃或修改傀儡主机的请求消息.防火墙部署在网站服务器上,管理员根据网站特征设置运行参数,能以较小的代价使服务器从HTTP洪水中脱困.
HTTP floods mimicking the human behavior is kind of distributed denial of service attack. This paper presents a resist method, it includes three key points, uses session 1D to identify users, discovers the puppet computer by analyzing the request sequence in unit time, interrupts the attacks by discarding or modifying the request message. A sottware firewall is implemented based on this method, it includes a statistics module and a forwarding module. The statistics module is used to discover the puppet computers. The forwarding module is used to discard or modify the request messages of puppet computers. The firewall is deployed on a web server, the administrator sets the running arguments according to the site characteristics, help rescuing the server from HTTP floods at a low cost.
出处
《计算机系统应用》
2015年第4期148-152,共5页
Computer Systems & Applications
