摘要
在高速网络环境下对可控攻击源进行追踪,采用传统方法难以重构攻击路径,导致方法研究效果较差,针对现有的攻击问题,提出了高速网络中可控攻击源追踪标记方法研究。分析可控攻击源攻击过程,使用IMCP协议定位报文,建立有向无环图表示追踪拓扑树。根据追踪标记原理,选取主要攻击路径,并对各个路由标记域独立执行概率大小进行标记,以概率将流经网络的IP地址记为报文,依据排序后IP报文头格式,改善攻击源不确定问题。预测高速网络主要攻击路径,通过对高速网络环境下可控攻击源进行追踪标记,增大期望值和对边标记数量,重构追踪路径,实现高速网络中可控攻击源追踪标记。通过实验结果可知,该方法研究效果最高可达到95%,减少高速网络攻击带来的经济损失。
It is difficult to reconstruct attack path by traditional methods in tracking controllable attack sources in high-speed network environment,which leads to poor research results.This paper analyzes the attack process of controllable attack source,uses IMCP protocol to locate packets,and establishes a directed acyclic graph to represent the tracing topology tree.According to the tracing marking principle,the main attack paths are selected,and the probabilities of each routing marker domain are marked independently.The IP addresses flowing through the network are recorded as messages by probabilities.The indeterminate problem of attack source is improved according to the header format of sorted IP packets.Predicting the main attack path of high-speed network,tracing and marking the controllable attack source in high-speed network environment,increasing the expected value and the number of side tags,reconstructing the tracing path,and realizing the controllable attack source tracing and marking in high-speed network.The experimental results show that the maximum research effect of this method can reach 95%,and the economic loss caused by high-speed network attacks can be reduced.
作者
周颖
ZHOU Ying(Computer Department,Shaanxi Post and Telecommunication College,Xianyang 712000,China)
出处
《电子设计工程》
2019年第11期132-135,145,共5页
Electronic Design Engineering
基金
陕西省高等教育教学改革研究项目(陕教〔2017〕372号)
陕西邮电职业技术学院院级课题项目(陕邮职院〔2017〕100号)
关键词
高速网络
可控攻击源
追踪
标记
重构
路径
high speed network
controllable attack source
tracing
marking
reconstruction
path
