|
|||||
|
|
| 一种检测DDoS攻击主控端的方法 | |
| 引用本文: | 种灵子,杨木清,焦忭忭. 一种检测DDoS攻击主控端的方法[J]. 信息安全与通信保密, 2008, 0(2): 68-69 |
| 作者姓名: | 种灵子 杨木清 焦忭忭 |
| 作者单位: | 1. 中南民族大学计算机科学学院,湖北,武汉,430074,China 2. 中南民族大学网络技术中心,湖北,武汉,430074,China 3. 山东交通学院信息工程系,山东,济南,250023,China |
| 摘 要: | 文章利用分布式拒绝服务攻击(DDoS)主控端通过控制大量傀儡机进行攻击的特点,以蜜罐技术为基础提出一种新的检测DDoS中主控端的方法。将蜜罐机伪装成受控制的傀儡机,通过监视其与主控端的通信,分析捕获的数据包,获取主控端及攻击信息,并将这些信息整理分发,便于为攻击目标提供预警,收集入侵证据,阻止攻击行为。 |
| 关 键 词: | 蜜罐 分布式拒绝服务攻击 入侵检测系统 |
| 文章编号: | 1009-8054(2008)02-0068-02 |
| 修稿时间: | 2007-08-21 |
A Method of Detecting the Handler on DDoS Attacks |
|
| CHONG Ling-zi,YANG Mu-qing,JIAO Bian-bian. A Method of Detecting the Handler on DDoS Attacks[J]. China Information Security, 2008, 0(2): 68-69 | |
| Authors: | CHONG Ling-zi YANG Mu-qing JIAO Bian-bian |
| Affiliation: | 1Department of Computer Science; South-Central University for Nationalities; Wuhan Hubei 430074; China; 2Network Center; 3Department of Information and Technology; Shandong Jiaotong University; Jinan Shandong 250023; China); |
| Abstract: | This paper analyszes the principles of DDoS attack and proposes a method for detecting the handler of DDoS attacks. Concealing honeypot from the handler by disguising them as the puppets and recording the communication be-tween honeypot and the handler, the message of the handler can thus be captured. |
| Keywords: | honeypot DDoS IDS |
| 本文献已被 维普 万方数据 等数据库收录! | |