摘要
提出了一种能够在网络中检测并防范IP欺骗攻击的方法 .通过获取网络结点的工作状态 ,分析网络中出现的异常活动 ,给出了因攻击而引起的网络状态的迁移过程 .通过预测分析 ,及时检测出已经存在的IP欺骗攻击 ;通过回溯分析 ,试图找到发起攻击的攻击者 .将状态分析法运用于入侵检测 ,可增强网络抵御IP欺骗攻击的能力 .
A method was proposed for the detection of IP spoofing and resistance to it. By obtaining the system data of the host and the abnormal activity emerging in the network, the process of the network-state transition caused by the attack was analyzed. Based on the prediction analysis, the existing IP spoofing could be detected. According to the trace analysis, the real attacker could be found. If this idea is applied in the intrusion detection, the network resistibility under IP spoofing will be reinforced.
出处
《华中科技大学学报(自然科学版)》
EI
CAS
CSCD
北大核心
2003年第5期3-5,共3页
Journal of Huazhong University of Science and Technology(Natural Science Edition)
关键词
IP欺骗
入侵检测
状态转移图
IP spoofing
intrusion detection
state transition graph