摘要
提出了一个追踪DDoS攻击源的算法,将攻击源快速锁定到规模相对较小的AS实体中,确定攻击源所属的AS自治域系统。由入侵检测系统的网络数据包采集器负责处理网络中传输的报文,采集到的数据经加工处理后,识别、记录和分析攻击行为或异常情况,形成入侵攻击报警信息数据,对入侵攻击的路径路由进行反追踪以形成有效的入侵攻击路径路由图。实验表明,该算法比PPM算法在计算负载上更有效。
An algorithm for tracing DDoS attack sources rapidly lock attack sources to AS entities with small scales for ensuring their AS autonomy system.The gatherer of network packets in IDS sees after transmissive message of the network,the gathered data are cured to identify,record and analyze aggressive behaviors or abnormal condition for forming intrusion attack alarm information data,this retraces routes of intrusion attacks to forming the effective route figures.Experiments show that the algorithm is effective than the PPM algorithm on calculated load.
出处
《电脑知识与技术》
2011年第6X期4321-4323,共3页
Computer Knowledge and Technology
基金
湖南省自然科学基金资助项目(08JJ3119)
