| 对等网络泛洪DDoS攻击的防御机制 |
| |
| 引用本文: | 耿技,马新新.对等网络泛洪DDoS攻击的防御机制[J].电子科技大学学报(自然科学版),2009,38(6):987-992. |
| |
| 作者姓名: | 耿技 马新新 |
| |
| 作者单位: | 1.电子科技大学计算机科学与工程学院 成都 610054 |
| |
| 摘 要: | 研究Gnutella协议的P2P网络中DDoS攻击,提出一种分布式的基于节点标识识别和节点流量实时检测过滤的自适应性DDoS攻击防御机制。通过在节点本地构建的信任和信誉机制对恶意节点主动阻断及对消息包的DDoS攻击特征的实时检测策略,实现对DDoS攻击的防范。仿真实验结果表明,该机制能有效地隔断网络中75%恶意消息数,节点能阻断80%的恶意消息数的转发,提高了网络抵御DDoS攻击的效能。
|
| 关 键 词: | 分布式拒绝服务攻击 流量过滤 Gnutella协议 负载均衡 对等网 信任和信誉 |
| 收稿时间: | 2008-08-29 |
Mechanism of Defending P2P from Flooding-Based DDoS Attack |
| |
| Affiliation: | 1.School of Computer Science and Engineering,University of Electronic Science and Technology of China Chengdu 610054 |
| |
| Abstract: | A distributed self-adaptive defense mechanism based on peer identification and real-time flow filtering is proposed in this paper under the research of DDos attacks in P2P network which is established on Gnutella protocol. In this mechanism, peers in such network can actively block the connection with malicious nodes by building local trust and reputation mechanism and keep away DDos attacks through real-time detection of the characteristic of DDos attack. Simulation result shows that our proposed distributed defense mechanism against DDos attacks can effectively improve the network resistance by obstructing 75% of the malicious messages and blocking 80% of the retransmission of them. |
| |
| Keywords: | DDoS flow filtering Gnutella load balancing P2P trust and reputation |
| 本文献已被 万方数据 等数据库收录! |
| 点击此处可从《电子科技大学学报(自然科学版)》浏览原始摘要信息 |
|
点击此处可从《电子科技大学学报(自然科学版)》下载全文 |
