期刊文献+
共找到6篇文章
< 1 >
每页显示 20 50 100
Experimental Evaluation of Juniper Network's Netscreen-5GT Security Device against Layer4 Flood Attacks 被引量:2
1
作者 Sanjeev Kumar Raja Sekhar Reddy Gade 《Journal of Information Security》 2011年第1期50-58,共9页
Cyber attacks are continuing to hamper working of Internet services despite increased use of network secu-rity systems such as firewalls and Intrusion protection systems (IPS). Recent Distributed Denial of Service (DD... Cyber attacks are continuing to hamper working of Internet services despite increased use of network secu-rity systems such as firewalls and Intrusion protection systems (IPS). Recent Distributed Denial of Service (DDoS) attacks on Dec 8th, 2010 by Wikileak supporters on Visa and Master Card websites made headlines on prime news channels all over the world. Another famous DDoS attacks on Independence Day weekend, on July 4th, 2009 were launched to debilitate the US and South Korean governments’ websites. These attacks raised questions about the capabilities of the security systems that were used in the network to counteract such attacks. Firewall and IPS security systems are commonly used today as a front line defense mechanism to defend against DDoS attacks. In many deployments, performances of these security devices are seldom evaluated for their effectiveness. Different security devices perform differently in stopping DDoS attacks. In this paper, we intend to drive the point that it is important to evaluate the capability of Firewall or IPS secu-rity devices before they are deployed to protect a network or a server against DDoS attacks. In this paper, we evaluate the effectiveness of a security device called Netscreen 5GT (or NS-5GT) from Juniper Networks under Layer-4 flood attacks at different attack loads. This security device NS-5GT comes with a feature called TCP-SYN proxy protection to protect against TCP-SYN based DDoS attacks, and UDP protection feature to protect against UDP flood attacks. By looking at these security features from the equipments data sheet, one might assume the device to protect the network against such DDoS attacks. In this paper, we con-ducted real experiments to measure the performance of this security device NS-5GT under the TCP SYN and UDP flood attacks and test the performance of these protection features. It was found that the Juniper’s NS-5GT mitigated the effect of DDoS traffic to some extent especially when the attack of lower intensity. However, the device was unable to provide any protection against Layer4 flood attacks when the load ex-ceeded 40Mbps. In order to guarantee a measured level of security, it is important for the network managers to measure the actual capabilities of a security device, using real attack traffic, before they are deployed to protect a critical information infrastructure. 展开更多
关键词 Distributed DENIAL of Service (DDoS) TCP-SYN flood attack TCP-SYN PROXY Protection FIREWALL Security udp flood attack
下载PDF
随机公平队列对UDP洪流的抑制效果分析
2
作者 于明 《计算机科学》 CSCD 北大核心 2009年第9期67-69,共3页
随机公平队列(Stochastic Fairness Queueing,SFQ)是一种典型的公平队列调度算法。UDP洪流是实施DDoS攻击的一种主要攻击手段。研究了SFQ调度和网络中广泛应用的先到先服务(First Come First Server,FCFS)队列调度策略对UDP洪流攻击的... 随机公平队列(Stochastic Fairness Queueing,SFQ)是一种典型的公平队列调度算法。UDP洪流是实施DDoS攻击的一种主要攻击手段。研究了SFQ调度和网络中广泛应用的先到先服务(First Come First Server,FCFS)队列调度策略对UDP洪流攻击的抑制效果。基于多协议网络模拟平台NS2的仿真结果表明,FCFS调度难以对UDP洪流攻击产生有效的抑制作用,而SFQ调度却能在一定程度上抑制该攻击。 展开更多
关键词 udp洪流 队列调度 DDOS SFQ 攻击抑制
下载PDF
关于针对DDoS中Flood攻击的防御系统的研究
3
作者 胥秋华 李小勇 《微型电脑应用》 2006年第9期1-3,24,共4页
本文主要针对DDoS中的Flood攻击的攻击特点,提出一种防御系统的结构,能够满足对不同Flood攻击检测的简易性、有效性的要求,并且与网络的地理位置、拓扑结构规模无关。该系统主要划分为检测攻击和确定攻击目标两个阶段。检测攻击阶段根... 本文主要针对DDoS中的Flood攻击的攻击特点,提出一种防御系统的结构,能够满足对不同Flood攻击检测的简易性、有效性的要求,并且与网络的地理位置、拓扑结构规模无关。该系统主要划分为检测攻击和确定攻击目标两个阶段。检测攻击阶段根据时攻击特征有较好描述性的源地址、目标地址、TCP报文的标志以及ICMP报文的类型,检测攻击是否发生。当检测出攻击发生,启动确定攻击目标阶段,找山攻击目标的具体IP地址。最后综合这两阶段的结果,提取攻击特征,将满足这些特征的数据包过滤掉,达到防御的效果。 展开更多
关键词 DDo flood攻击 SYNflood udpflood ICMPflood MULTOPS结构
下载PDF
McAfee SecurityCenter Evaluation under DDoS Attack Traffic
4
作者 Sirisha Surisetty Student Member Sanjeev Kumar 《Journal of Information Security》 2011年第3期113-121,共9页
During the Distributed Denial of Service (DDoS) attacks, computers are made to attack other computers. Newer Firewalls now days are providing prevention against such attack traffics. McAfee SecurityCenter Firewall is ... During the Distributed Denial of Service (DDoS) attacks, computers are made to attack other computers. Newer Firewalls now days are providing prevention against such attack traffics. McAfee SecurityCenter Firewall is one of the most popular security software installed on millions of Internet connected computers worldwide. “McAfee claims that if you have installed McAfee SecurityCentre with anti-virus and antispyware and Firewall then you always have the most current security to combat the ever-evolving threats on the Internet for the duration of the subscription”. In this paper, we present our findings regarding the effectiveness of McAfee SecurityCentre software against some of the popular Distributed Denial Of Service (DDoS) attacks, namely ARP Flood, Ping-flood, ICMP Land, TCP-SYN Flood and UDP Flood attacks on the computer which has McAfee SecurityCentre installed. The McAfee SecurityCentre software has an in built firewall which can be activated to control and filter the Inbound/Outbound traffic. It can also block the Ping Requests in order to stop or subside the Ping based DDoS Attacks. To test the McAfee Security Centre software, we created the corresponding attack traffic in a controlled lab environment. It was found that the McAfee Firewall software itself was incurring DoS (Denial of Service) by completely exhausting the available memory resources of the host computer during its operation to stop the external DDoS Attacks. 展开更多
关键词 Distributed DENIAL of Service (DDoS) attack MCAFEE FIREWALL NonPaged Pool Allocs ARP flood Ping-flood ICMP Land TCP-SYN flood udp flood attack
下载PDF
一种主动防御UDP Flood攻击的机制 被引量:1
5
作者 邹长忠 王晶海 《福州大学学报(自然科学版)》 CAS CSCD 北大核心 2010年第2期198-201,共4页
在传统防御UDPFlood攻击的基础上研究新的处理过程,提出了一种主动防御UDPFlood攻击的机制.该机制主要通过攻击防御前的数据包特征检查及未验证表和已验证表的调用进行攻击防御.测试表明,该机制能在保证正常网络通信情况下,实现对攻击... 在传统防御UDPFlood攻击的基础上研究新的处理过程,提出了一种主动防御UDPFlood攻击的机制.该机制主要通过攻击防御前的数据包特征检查及未验证表和已验证表的调用进行攻击防御.测试表明,该机制能在保证正常网络通信情况下,实现对攻击包的拦截,有效防御UDPFlood攻击. 展开更多
关键词 主动防御 udp flood攻击 特征检查 验证表
原文传递
分布式拒绝服务攻击及防御
6
作者 张鹏骞 《衡水学院学报》 2018年第3期1-4,共4页
DDOS主要是借助于客户端与服务器端技术,使处于不同区域的多个计算机联合起来,对其他区域的一个或多台计算机进行控制,然后利用这些计算机对目标实施攻击。DDOS攻击是网络安全防范难题,其特点是隐藏性强、攻击范围广。DDOS攻击的目的有2... DDOS主要是借助于客户端与服务器端技术,使处于不同区域的多个计算机联合起来,对其他区域的一个或多台计算机进行控制,然后利用这些计算机对目标实施攻击。DDOS攻击是网络安全防范难题,其特点是隐藏性强、攻击范围广。DDOS攻击的目的有2个:一是消耗网络带宽资源;二是消耗服务器系统资源。SYN Flood和UDP Flood是流量最大的两种攻击类型。源端防御可以从出口过滤及DWARD、COSSACK几个方面入手;中端防御指的是在DDOS发起攻击的途中采取的有效的防范措施;容忍性及主机系统的增强和提高,网络安全性过滤为拒绝服务终端的防御对策技术的主要方面。 展开更多
关键词 分布式拒绝服务攻击 网络 udp协议 SYN flood攻击
下载PDF
上一页 1 下一页 到第
使用帮助 返回顶部