期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于IP欺骗攻击的状态分析法研究 被引量:5

Analysis of the state under IP spoofing
下载PDF
导出
摘要 提出了一种能够在网络中检测并防范IP欺骗攻击的方法 .通过获取网络结点的工作状态 ,分析网络中出现的异常活动 ,给出了因攻击而引起的网络状态的迁移过程 .通过预测分析 ,及时检测出已经存在的IP欺骗攻击 ;通过回溯分析 ,试图找到发起攻击的攻击者 .将状态分析法运用于入侵检测 ,可增强网络抵御IP欺骗攻击的能力 . A method was proposed for the detection of IP spoofing and resistance to it. By obtaining the system data of the host and the abnormal activity emerging in the network, the process of the network-state transition caused by the attack was analyzed. Based on the prediction analysis, the existing IP spoofing could be detected. According to the trace analysis, the real attacker could be found. If this idea is applied in the intrusion detection, the network resistibility under IP spoofing will be reinforced.
作者 陈晓苏 李永辉 肖道举
机构地区 华中科技大学计算机科学与技术学院
出处 《华中科技大学学报(自然科学版)》 EI CAS CSCD 北大核心 2003年第5期3-5,共3页 Journal of Huazhong University of Science and Technology(Natural Science Edition)
关键词 IP欺骗 入侵检测 状态转移图 IP spoofing intrusion detection state transition graph
分类号 TP393 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献2

  • 1罗铁坚,徐海智,董占球.一种基于网络攻击链路分析法[J].小型微型计算机系统,2001,22(4):405-410. 被引量:3
  • 2Joel Scambray, Stuart McClure, George Kurtz. Hacking exposed: network security secrets and solutions.Beijing: Tsinghua University Press, 2002.

二级参考文献9

  • 1[1]L.T. Heberlein,G. V. Dial, etc, A network security monitor. [C]In Proceedings of the IEEE Symosium on Research in Security and Privacy,Okaland, CA, May 1990 296~304
  • 2[2]S.R. Snapp, etc,DIDS(Distributed Intrusion Detection System) -motivation, architecture, and an early prototype, [C]In Proceedings of the 14th National Computer Security Conference, Washington, DC, October 1991
  • 3[3]S. Cheung, etc, The Design of GrIDS: a graph-based intrusion detection system. [R] Technical Report CSE-99-2, U.C. Davis Computer Science Department, January 1999
  • 4[4]P.A. Porras and P. G. Neumann. EMERALD: event monitoring enabling responses to anomalous live disturbance. [C] In Proceedings of the 1997 National Information System Security Conference, October 1997
  • 5[5]CISCO, Netranger: intrusion detection system. [J] Technical Information, April 1999
  • 6[6]Internet Security System. [J] Introduction to Realsecure Version 3.0, January 1999
  • 7[7]R.A. Kemmerer. NSTATA: a model-based real-time network intrusion detection system. [R]Technical Report TRCS-97-18, Department of Computer Science, UC Santa Barbara, November1997
  • 8[8]R.T. Morris, A Weakness in the 4. 2BSD UNIX TCP/IP Software. [R] Technical report, AT&T Bell Laboratories, February1985
  • 9[9]C. Berge. Hypergraphs, North-Holland, 1989

共引文献2

同被引文献14

  • 1苏一丹,李桂.网络攻击的形式化建模探讨[J].计算机工程与应用,2004,40(23):135-136. 被引量:5
  • 2滕少华,伍乃骐,张巍.基于场景和状态转换分析的入侵检测模型的构建[J].计算机工程,2005,31(19):136-138. 被引量:1
  • 3ROESCHETAL M.Snort-The Open Source NIDS[EB/OL].http://www.snort.org/,2005-10-18.
  • 4LIGUN K,KEMMERER R A.State transition annlysis:Arule-based intrusion detection approach[J].IEEE Transactions on Software Engineering,1995,21(3):181-199.
  • 5VIGNA G,RICHARD A.Netstat:A network-based intrusion detection system[J].Journal of Computer Security,1999,7(1):37-71.
  • 6HOPCROFT John E.自动机理论、语言和计算机导论[M].刘田,等译.北京:机械工业出版社,2005.
  • 7TIDWELL T,LARSON R,FITCH K,et al.Modeling internet attacks:proceedings of the 2001 IEEE workshop on information assurance and security[C].[S.l.]:[s.n.],2001:54-59.
  • 8蒋总礼,姜守旭.形式语言与自动机理论[M].北京:清华大学出版社,2003.
  • 9张普兵,郭广猛,廖成君.Internet中的电子欺骗攻击及其防范[J].计算机应用,2001,21(1):32-34. 被引量:6
  • 10罗铁坚,徐海智,董占球.一种基于网络攻击链路分析法[J].小型微型计算机系统,2001,22(4):405-410. 被引量:3

引证文献5

二级引证文献6

华中科技大学学报(自然科学版)
2003年 第5期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部