期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于权重包标记策略的IP跟踪技术研究 被引量:9

IP Traceback Based on Weight Marking Scheme
下载PDF
导出
摘要 针对Internet中普遍存在的匿名服务拒绝攻击 (DistributedDenialofService ,DDoS) ,该文提出权重标记IP跟踪策略 (WeightMarkingScheme ,WMS) .现有的IP跟踪策略存在较高的误报率 ,WMS通过引入HASH函数 ,将 32× 2位的IP地址压缩到 11位 ,减少跟踪路径的误报率 .另一方面 ,已有的IP包跟踪技术构造的多个候选攻击路径间没有权重的差异 ,WMS将权重信息加入到各个候选攻击路径 ,通过和正常情况下的候选攻击路径权重进行比较 ,可更好地分析真正攻击源 .理论和实验结果表明该策略与FMS(FragmentMarkingScheme)、AMS(AdvancedMarkingScheme)相比较 ,在降低误报率、发现真正的攻击源和算法复杂度等方面有较大的提高 . To Defend against DDoS on the Internet, this paper presents a Weight Marking Scheme (WMS) to trace the source of the attacks. To resolve the problem of high false position rate, WMS research the character of HASH. Using the combination of optimum HASH, WMS compresses the IP form 64 bits to 11 bits and reduces the false position rate. In pervious works, there are no differences between the attack paths. WMS imports the weight information to edges and paths, so the victim can find the attack paths more clearly by comparing weight of paths in the normal condition with weight of paths in the abnormal condition. Both the theory and the experiment result show the validity of WMS.
作者 徐永红 杨云 刘凤玉 曹立鑫
机构地区 南京理工大学计算机系
出处 《计算机学报》 EI CSCD 北大核心 2003年第11期1598-1603,共6页 Chinese Journal of Computers
基金 国家"八六三"高技术研究发展计划项目 ( 2 0 0 2AA113 161) 国家自然科学基金 ( 69973 0 2 0 ) 国家应用基础基金 (J13 0 0D0 0 4)资助
关键词 网络攻击 权重包标记策略 IP包跟踪技术 INTERNET 匿名服务拒绝攻击 network security distributed denial of service packed marking IP traceback
分类号 TP393.4 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献10

  • 1Ferguson P, Senie D. Network ingress filtering: Defeating denial of service attack which employ IP source address spoofing. RFC 2817, 2000
  • 2Oliver S, Larry P. Defending against denial of service attacks in scout. In: Proceeding of the 1999 USENIX/ACM Symposium on Operating System Design and Implementation, Monterey, California, USA, 1999. 59~72
  • 3Robert Stone. CenterTrack: An IP overlay network for tracking DoS floods. In: Proceedings of 2000 USENIX Security Symposium, Denver, Colorado, USA, 2000.199~212
  • 4Burch H, Cheswick B. Tracing anonymous packets to their approximate source. In: Proceedings of 2000 USENIX LISA Conference, Seattle, Washington, USA, 2000.319~327
  • 5Sager G. Security fun with OCxmon and cflowd. Presentation at the Internet 2Working Group, 1998
  • 6Bellovin S. ICMP traceback messages. Internet Draft: draft-bellovin-itrace-00.txt, Network Working Group Bellovin Internet Draft AT&T Labs, 2000
  • 7Dean D, Franklin M, Stubblefield A. An algebraic approach to IP traceback. In: Proceedings of 2001 Network and Distributed System Security Symposium, Sand Diego, California, USA, 2001.3~12
  • 8Savage S, Wetherall D. Network support for IP traceback. IEEE/ACM Transactions on Networking, 2001, 9(3):226~237
  • 9Song D, Perrig A. Advanced and authenticated marking schemes for IP traceback. In:Proceedings of the IEEE INFOCOM, Anchorage, Alaska USA, 2001,2:878~886
  • 10Stoica I, Zhang H. Providing guaranteed services without per flow management. In:Proceedings of the ACM SIGCOMM'99, Cambridge, MA, USA, 1999. 81~94

同被引文献63

  • 1李德全,徐一丁,苏璞睿,冯登国.IP追踪中的自适应包标记[J].电子学报,2004,32(8):1334-1337. 被引量:33
  • 2高能,冯登国,向继.一种基于数据挖掘的拒绝服务攻击检测技术[J].计算机学报,2006,29(6):944-951. 被引量:44
  • 3SAVAGE S, WETHERALL D, KARLIN A, et al. Practical network support for IP traceback [ C]// Proceedings of the Conference on Applications, Technologies, Architectures, and Protocols for Computer Communication. New York: ACM Press, 2000:295-306.
  • 4SONG D, PERRIG A. Advanced and authenticated marking schemes for IP traceback [ C]//Proceedings of Twentieth Annual Joint Conference of the IEEE Computer and Communications Societies: INFO- COMM 2001. Washington, DC: IEEE Computer and Communications Soeieties, 2001, 2:878-$86.
  • 5DEAN D, FRANKLIN M, STUBBLEFIELD A. An algebraic approach to IP traceback[ J]. ACM Transactions on Information and System Security (TISSEC), 2002, 5(2): 119- 137.
  • 6YEAR A, PERRIG A, SONG D. FIT: fast Intemet traceback[ C]// Proceedings of 24th Annual Joint Conference of the IEEE Computer and Communications Societies: INFOCOMM 2005. Washington, DC: IEEE Computer and Communications Societies, 2005:1395 - 1406.
  • 7LIU J, LEE Z-J, CHUNG Y-C. Dynamic probabilistic packet marking for efficient IP traceback[ J]. Computer Networks: The International Journal of Computer and Telecommunications Networking, 2007, 51(3) : 866 -882.
  • 8MOORE D, VOELKER G,SAVAGE S. Inferring Internet denial-of- service activity[ C ]//Proc of the 10th ACM USENIX Security Symposium. USA :ACM Press,2002:9-22.
  • 9BRODER A, MITZENMACHER M. Network applications of Bloom filters: a survey [J]. Internet Mathematics,2005,1 (4) :485-509.
  • 10SAVAGE S, WETHERALL D, KARLIN A, et al. Practical network support for IP traceback[ C ]//Proc of ACM SIGCOMM.2000:295-3(}6.

引证文献9

二级引证文献16

计算机学报
2003年 第11期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部