| 基于信息熵的DNS拒绝服务攻击的检测研究 |
| |
| 引用本文: | 严 芬,丁 超,殷新春.基于信息熵的DNS拒绝服务攻击的检测研究[J].计算机科学,2015,42(3):140-143. |
| |
| 作者姓名: | 严 芬 丁 超 殷新春 |
| |
| 作者单位: | 扬州大学信息工程学院 扬州225127,扬州大学信息工程学院 扬州225127,扬州大学信息工程学院 扬州225127 |
| |
| 摘 要: | DNS服务器在Internet中具有至关重要的作用,对它进行攻击会影响网络向用户提供正常的服务。DNS Query Flood攻击是最为常见的一种攻击方式,它向DNS服务器发送大量伪造的域名解析请求,消耗DNS服务器的资源,造成拒绝服务。及时检测到此类攻击的存在至关重要。在研究DNS解析过程的基础上,总结DNS Query Flood攻击的特点;根据攻击的特点,结合信息熵来判断网络是否出现异常;利用滑动窗口机制来确定是否存在攻击。
|
| 关 键 词: | DNS Query Flood 拒绝服务 域名解析成功率 信息熵 滑动窗口 |
Research on Exploiting DoS Attack Against DNS Based on Information Entropy |
| |
| YAN Fen,DING Chao and YIN Xin-chun.Research on Exploiting DoS Attack Against DNS Based on Information Entropy[J].Computer Science,2015,42(3):140-143. |
| |
| Authors: | YAN Fen DING Chao and YIN Xin-chun |
| |
| Affiliation: | College of Information Engineering,Yangzhou University,Yangzhou 225127,China,College of Information Engineering,Yangzhou University,Yangzhou 225127,China and College of Information Engineering,Yangzhou University,Yangzhou 225127,China |
| |
| Abstract: | DNS server has a vital role in the Internet,and it will affect the network to provide normal services to users if DNS is attacked.DNS Query Flood attack sends a lot of fake DNS request to the DNS server,consumes the DNS server resources and causes denial of service.So it is very important to detect timely the attack.Based on the study of the DNS resolution process,we summed up the characteristics of the DNS Query Flood attack.According to the characteristics of attack,we combined the information entropy to determine whether a network abnormalities,and then used sliding window mechanism to determine whether there is any attack. |
| |
| Keywords: | DNS query flood Denial of service Domain name resolution success rate Information entropy Sliding window |
| 本文献已被 CNKI 等数据库收录! |
|
点击此处可从《计算机科学》下载全文 |
|
