首页 | 本学科首页   官方微博 | 高级检索  
     

通过自适应随机数据包标记实现实时IP回溯
引用本文:梁丰,赵新建.通过自适应随机数据包标记实现实时IP回溯[J].软件学报,2003,14(5):1005-1010.
作者姓名:梁丰  赵新建
作者单位:1. 浙江工业大学浙江省光纤通信技术重点实验室,浙江,杭州,310014
2. 普度大学计算机科学系,印第安那州,IN47907,美国
基金项目:Supported by the Natural Science Foundation of Zhejiang Province of China under Grant No.602112 (浙江省自然科学基金); theCenter for Education and Research in Information Assurance and Security (CERIAS)
摘    要:随机数据包标记(PPM)是对拒绝服务攻击进行IP回溯的一种实用而有效的方法.提供了一种自适应的PPM算法:一个路由器按一个与路过的数据包已传输距离自适应的概率标记该数据包,从而被攻击者可以以最短的收敛时间重构一个攻击路径.通过一个新的称为标注片段编码的IP重载方案,实现了实时的重构,从而能同时回溯数千条路径.与以前的PPM方案相比,收敛时间减少了50%,同时大大减少了重构计算量和伪证性.

关 键 词:网络安全  分布拒绝服务  路由器  IP回溯  随机数据包标记
收稿时间:1/7/2002 12:00:00 AM
修稿时间:2002/8/27 0:00:00

Real Time IP Traceback with Adaptive Probabilistic Packet Marking
LIANG Feng and ZHAO Xin-Jian.Real Time IP Traceback with Adaptive Probabilistic Packet Marking[J].Journal of Software,2003,14(5):1005-1010.
Authors:LIANG Feng and ZHAO Xin-Jian
Abstract:Probabilistic packet marking (PPM) is a practical and effective method for IP traceback ofdenial-of-service (DOS) attack. In this paper, an adaptive PPM algorithm is presented: a router marks a passingpacket with a probability which is adaptive to the distance that the packet has traversed, so that a minimumconvergence time for an attacking path can be achieved in the victim. With a new IP header overloading scheme, thelabeled fragment encoding scheme, a real-time reconstruction is provided, so that thousands of paths can be tracedsimultaneously. Compared with previous PPM schemes, a 50% decrease in convergence time is achieved, while thecomputation overhead and false positives in re construction are greatly reduced.
Keywords:network security  DDoS  router  IP traceback  PPM
本文献已被 CNKI 维普 万方数据 等数据库收录!
点击此处可从《软件学报》浏览原始摘要信息
点击此处可从《软件学报》下载全文
设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号