| 基于主机防御DOS攻击的算法及其实现 |
| |
| 引用本文: | 王文奇,李伟华,史兴键.基于主机防御DOS攻击的算法及其实现[J].计算机工程与应用,2004,40(12):15-17,47. |
| |
| 作者姓名: | 王文奇 李伟华 史兴键 |
| |
| 作者单位: | 西北工业大学计算机学院,西安,710072 |
| |
| 基金项目: | 国家863高技术研究发展计划:集成化网络安全防卫系统(编号:2003AA142060) |
| |
| 摘 要: | 如何防御DOS攻击是网络安全中一个重要的方向。文章从防止DOS攻击的算法入手,提出了一种基于状态转换和信任度的主机防御DOS攻击算法。该算法通过记录每个连接的状态及信任度,判断进入主机的IP数据包是否为攻击包,从而阻止或通过该IP包。试验测试证明,该算法能在保证正常的网络通讯和计算机操作的同时,抵御多种DOS攻击。
|
| 关 键 词: | DOS攻击 状态转换 信任度 |
| 文章编号: | 1002-8331-(2004)12-0015-03 |
The Implementation of New Algorithmic about Defense DOS Attack |
| |
| Wang Wenqi,Li,Weihua Shi,Xingjian.The Implementation of New Algorithmic about Defense DOS Attack[J].Computer Engineering and Applications,2004,40(12):15-17,47. |
| |
| Authors: | Wang Wenqi Li Weihua Shi Xingjian |
| |
| Abstract: | For network security,it is important to defend from DOS attack.This paper proposes an algorithm based on state transfer and creditability.The algorithm records state and calculates the creditability of every connection.From the results of calculation,the algorithm can judge the connection's legitimacy.Authors test it under linux8.0,the CPU usage can be hold below70%when under attacking(the attack tools that used include SYN flooding,smurf flooding,TFN2K,SYN flood,ICMP flooding,etc).According to upon,this algorithm can defend lots DOS attack efficiently. |
| |
| Keywords: | DOS attack State transfer Creditability |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
