IP源地址回溯浅析

近年来,网络黑客的各种攻击手法中,以拒绝服务攻击(DOS)最为常见也最难防范。DOS攻击会占用服务器的带宽或系统资源,导致无法提供合法使用者正常的服务,甚至还会导致电脑严重死机。对于DOS攻击的威胁,虽然已经有很多学者提出了防御办法,但大部分办法都只能达到减轻受害程度的作用,并不能完全解决这个问题。目前比较能够有效减少攻击者发动DOS攻击的做法,就是提供一个可以找出攻击来源的方法(IP源回溯),借由这个方法,我们可以有效地找到发动攻击的黑客,识别和定位到跳板机,加以法律或道德地约束。本文将介绍目前已经提出的主要IP源回溯方法,并在比较当前关于提高IP源回溯实时性的研究的基础上,针对其计算复杂性、路由器开销、误报率等,提出IP源回溯实时性的重要性和可行性。

In recent years, the DOS attack is common and also difficult to against. DOS attack can take the ser ver 's bandwidth or the system resources, and the server will unable to provide the legitimate user's normal service, even also can make computer seriously dying. Regarding DOS attack threat, we al ready had very many scholars to propose the defense means, but the majority of means only could achieve reduced suffers injury the degree function, and could not solve this problem completely. At present which can effectively reduce the aggressor to start the procedure which DOS attacks, is to discover the method which the attack originates (IP traceback). By this method, we may effec tively find the hacker which starts the attack, distinguishes and locates to the Zombies, performs the law or the moral restraint.