摘要
随机数据包标记(PPM)是对拒绝服务攻击进行IP回溯的一种实用而有效的方法.提供了一种自适应的PPM算法:一个路由器按一个与路过的数据包已传输距离自适应的概率标记该数据包,从而被攻击者可以以 最短的收敛时间重构一个攻击路径.通过一个新的称为标注片段编码的IP重载方案,实现了实时的重构,从而能同时回溯数千条路径.与以前的PPM方案相比,收敛时间减少了50%,同时大大减少了重构计算量和伪证性.
Probabilistic packet marking (PPM) is a practical and effective method for IP traceback of denial-of-service (DoS) attack. An adaptive PPM algorithm is presented: a router marks a passing packet with a probability which is adaptive to the distance that the packet has traversed, so that a minimum convergence time for an attacking path can be achieved in the victim. With a new IP header overloading scheme, the labeled fragment encoding scheme, a real-time reconstruction is provided, so that thousands of paths can be traced simultaneously. Compared with previous PPM schemes, a 50% decrease in convergence time is achieved, while the computation overhead and false positives in reconstruction are greatly reduced.
出处
《软件学报》
EI
CSCD
北大核心
2003年第5期1005-1010,共6页
Journal of Software
基金
浙江省自然科学基金~~
关键词
网络安全
分布拒绝服务
IP回溯
自适应随机数据包标记
计算机网络
Algorithms
Computer simulation
Convergence of numerical methods
Mathematical models
Network protocols
Routers
Security of data
Telecommunication services
