| DDoS下的TCP洪流攻击及对策 |
| |
| 引用本文: | 孙曦,朱晓妍,王育民.DDoS下的TCP洪流攻击及对策[J].网络安全技术与应用,2004(4):31-34. |
| |
| 作者姓名: | 孙曦 朱晓妍 王育民 |
| |
| 作者单位: | 西安电子科技大学ISN国家重点实验室,西安,710071 |
| |
| 基金项目: | 国家863项目(2002AA143021)资助 |
| |
| 摘 要: | 分布式拒绝服务攻击(DDoS)是近年来出现的一种极具攻击力的Internet攻击手段,而TCP洪流攻击是其最主要的攻击方式之一。本文提出了一种针对TCP洪流攻击的本地攻击检测-过滤LADF机制,其部署于受害者及其上游ISP网络。该机制综合使用了一种基于信息熵的异常检测技术、SYN-cookie技术和“红名单”技术来检测攻击报文,最终结合新型防火墙技术,构建起一个完善的本地DDoS防御系统。
|
| 关 键 词: | DDoS TCP洪流 LADF 消息认证码MAC |
TCP Flooding Attack based on DDoS and Its Countermeasures |
| |
| Sun Xi,Zhu Xiao-yan,Wang Yu-minNational Key Lab. of Integrated Services Network,Xidian Univ.,Xian.TCP Flooding Attack based on DDoS and Its Countermeasures[J].Net Security Technologies and Application,2004(4):31-34. |
| |
| Authors: | Sun Xi Zhu Xiao-yan Wang Yu-minNational Key Lab of Integrated Services Network Xidian Univ Xian |
| |
| Affiliation: | Sun Xi,Zhu Xiao-yan,Wang Yu-minNational Key Lab. of Integrated Services Network,Xidian Univ.,Xian 710071 |
| |
| Abstract: | Distributed Denial of Service (DDoS) attacks are a virulent, relatively new type of attack on theavailability of Internet services and resources, which TCP Flooding attack is one of the most importantattack methods. This paper proposed a Local Attack Detection-Filtering (LADF) mechanism that aims atTCP Flooding attack. It can be deployed in the victim and its upstream ISP networks. It proposed SYN-cookie technology, "Red-list" technology, and a new abnormal detection technology based on informa-tion entropy to detection the attack packets. |
| |
| Keywords: | DDoS TCP Flooding LADF MAC |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
