| 基于SYN Cookie下防分布式拒绝服务攻击算法的分析与实现 |
| |
| 引用本文: | 沈清,金心宇,周绮敏. 基于SYN Cookie下防分布式拒绝服务攻击算法的分析与实现[J]. 计算机应用, 2005, 25(12): 2745-2747 |
| |
| 作者姓名: | 沈清 金心宇 周绮敏 |
| |
| 作者单位: | 浙江大学,信息与电子工程学系,浙江,杭州,310027;浙江大学,通信与信息工程研究所,浙江,杭州,310027 |
| |
| 摘 要: | 介绍了分布式拒绝服务(Distributed Denial of Service,DDoS)根据TCP/IP缺陷的攻击原理,在分析了数据包流量与系统资源使用率检测的基础上,提出了在SYN Cookie中引入RSA公钥加密过滤TCP/IP数据包的方法,用来检测与降低DDoS攻击的危害,该方法在实验中的测试阶段取得了较好的效果。
|
| 关 键 词: | 分布式拒绝服务 SYN Cookie RSA 传输控制协议 洪流攻击 |
| 文章编号: | 1001-9081(2005)12-2745-03 |
| 收稿时间: | 2005-06-13 |
| 修稿时间: | 2005-06-132005-08-19 |
Analysis and realization of anti-DDoS attack algorithm based on the SYN Cookie mechanism |
| |
| SHEN Qing,JIN Xin-yu,ZHOU Qi-min. Analysis and realization of anti-DDoS attack algorithm based on the SYN Cookie mechanism[J]. Journal of Computer Applications, 2005, 25(12): 2745-2747 |
| |
| Authors: | SHEN Qing JIN Xin-yu ZHOU Qi-min |
| |
| Affiliation: | 1. Department of Information Science and Electronic Engineering, Zhefiang University, Hangzhou Zhefiang 310027, China; 2. Institute of Communication and Information Engineering, Zhefiang University, Hangzhou Zhejiang 310027, China |
| |
| Abstract: | The principle of DDoS(Distributed Denial of Service) useing the limitation of TCP/IP was introduced.Based on the monitor on the network packet traffic and the useage of the system resource,a method that leads the RSA algorithm into the SYN Cookie mechanism to encrypt and filtrate the IP packets was proposed,which can detect and reduce the damage of DDoS.The method have maken a good performance in the experimentation. |
| |
| Keywords: | Distributed Denial of Service(DDoS) SYN Cookie RSA TCP flooding attacks |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机应用》浏览原始摘要信息 |
|
点击此处可从《计算机应用》下载全文 |
