共查询到18条相似文献,搜索用时 125 毫秒
1.
邹波 《数字社区&智能家居》2006,(11)
典型的Dos攻击—SYNflood—对于使用传统TCP协议的网络服务来说是一个很头疼的问题,应对这个问题的一个有效方案是Bernstein提出的SYNcookies方法,而SCTP也使用了类似的机制。本文将探讨TCP与SCTP中是怎样利用cookie的思想来防范Dos攻击的,并用实验比较TCP与SCTP在抵御Dos攻击时的实际性能。 相似文献
2.
3.
SYN Flood是一种典型的拒绝服务攻击技术,它利用TCP协议的安全漏洞危害网络,目前还没有很好的办法彻底解决SYN Flood攻击问题。分析了3种现有的SYN Flood防御模型:SYN Cookie、SYN Gateway和SYN Proxy,提出了增强的SYN Proxy防御模型,研究了其相关的防御算法,并基于Linux平台进行了实现,最后对防御模型进行了测试。测试结果表明,增强的SYN Proxy模型能抵御高强度的SYN Flood攻击,较之现有的模型有更好的优越性。 相似文献
4.
前一阵子我管理的局域网被SYN Flood方式攻击了,造成了严重的瘫痪。为了解决问题,公司选购了专门防范DoS(SYN Flood攻击是Dos攻击方式中的一种)攻击的硬件防火墙——“黑洞”(“绿盟”出品的硬件防火墙,市场售价160000元左右)。但它是否能够有效地防止SYN Flood攻击呢?让我拿数据来证明一切。 相似文献
5.
一种基于无状态连接请求验证的SYN湮没攻击防御方法 总被引:1,自引:0,他引:1
已有SYN湮没攻击检测防御技术存在一个共性缺陷,就是在验证连接请求有效前分配一定的系统资源保存连接状态,基于无状态连接请求验证的方法可以有效地解决这一问题,但已有的方法存在验证有效后无法完整建立TCP连接、通讯双方状态不一致等问题.本文提出一种新的基于无状态连接请求验证的网关级SYN湮没攻击防御方法,该方法在解决已有问题并兼容现有TCP/IP协议栈实现的基础上,可实现对不同操作系统SYN湮没攻击的有效防御. 相似文献
6.
浅议TCP SYN Flooding攻击 总被引:2,自引:0,他引:2
介绍了TCP协议建立连接的过程及存在的安全问题,以及由此而引起的TCP SYN Flooding(TCP SYN洪流)拒绝服务攻击,并介绍了几种简便有效的防范措施。 相似文献
7.
8.
SYN Flood是目前流行的DDOS攻击手段,能够极为有效地攻击网站服务器,使得服务器资源耗尽而无法提供正常服务.由于利用了TCP/IP的协议漏洞,很难从根本上进行防范.给出一种在路由器上利用SYN Cookie机制实现对SYN Flood的防御,能够有效地保护服务器不受SYN Flood攻击,同时不会增加路由器的负担. 相似文献
9.
SYN-Flood是目前最流行的DDoS攻击手段。是一种蓄意侵入三次握手并打开大量半开TCP/IP连接而进行的攻击。本文介绍了SYN Flood攻击的原理机制/检测与防范方法。 相似文献
10.
《计算机应用与软件》2016,(11)
为了有效防御分布式SYN Flood攻击,提出一种基于轻量级检测和混合连接策略的防御模型。该防御模型使用客户端IP地址和TCP端口的熵、SYN和ACK报文的径向基进行SYN Flood攻击检测,并根据检测结果选择标准TCP连接模式和基于防火墙代理的连接模式。基于防火墙代理的连接模式能够避免SYN Proxy防御模型中频繁修改TCP报文序列号、确认号的操作。实验结果表明,该防御模型能够有效降低防火墙的资源消耗,具有更好的防御效果。 相似文献
11.
Ilknur Aydin Janardhan Iyengar Phillip Conrad Chien-Chung Shen Paul Amer 《Computer Networks》2012,56(7):1876-1892
In prior work, a CMT protocol using SCTP multihoming (termed SCTP-based CMT) was proposed and investigated for improving application throughput. SCTP-based CMT was studied in (bottleneck-independent) wired networking scenarios with ns-2 simulations. This paper studies the TCP-friendliness of CMT in the Internet. In this paper, we surveyed historical developments of the TCP-friendliness concept and argued that the original TCP-friendliness doctrine should be extended to incorporate multihoming and SCTP-based CMT.Since CMT is based on (single-homed) SCTP, we first investigated TCP-friendliness of single-homed SCTP. We discovered that although SCTP’s congestion control mechanisms were intended to be “similar” to TCP’s, being a newer protocol, SCTP specification has some of the proposed TCP enhancements already incorporated which results in SCTP performing better than TCP. Therefore, SCTP obtains larger share of the bandwidth when competing with a TCP flavor that does not have similar enhancements. We concluded that SCTP is TCP-friendly, but achieves higher throughput than TCP, due to SCTP’s better loss recovery mechanisms just as TCP-SACK and TCP-Reno perform better than TCP-Tahoe.We then investigated the TCP-friendliness of CMT. Via QualNet simulations, we found out that one two-homed CMT association has similar or worse performance (for smaller number of competing TCP flows) than the aggregated performance of two independent, single-homed SCTP associations while sharing the link with other TCP connections, for the reason that a CMT flow creates a burstier data traffic than independent SCTP flows. When compared to the aggregated performance of two-independent TCP connections, one two-homed CMT obtains a higher share of the tight link bandwidth because of better loss recovery mechanisms in CMT. In addition, sharing of ACK information makes CMT more resilient to losses. Although CMT obtains higher throughput than two independent TCP flows, CMT’s AIMD-based congestion control mechanism allows other TCP flows to co-exist in the network. Therefore, we concluded that CMT is TCP-friendly, similar to two TCP-Reno flows are TCP-friendly when compared to two TCP-Tahoe flows. 相似文献
12.
13.
SCTP: a proposed standard for robust Internet data transport 总被引:1,自引:0,他引:1
The stream control transmission protocol (SCTP) is an evolving general purpose Internet transport protocol designed to bridge the gap between TCP and UDP. SCTP evolved from a telephony signaling protocol for IP networks and is now a proposed standard with the Internet Engineering Task Force. Like TCP, SCTP provides a reliable, full-duplex connection and mechanisms to control network congestion. However, SCTP expands transport layer possibilities beyond TCP and UDP, offering new delivery options that are particularly desirable for telephony signaling and multimedia applications. 相似文献
14.
Similar to TCP and UDP, the stream control transmission protocol (SCTP) is a transport protocol providing end-to-end communication. SCTP was originally designed within the IETF Signaling Transport (SIGTRAN) working group to address TCP's shortcomings relating to telephony signaling over IP networks. SCTP has since evolved into a general-purpose IETF transport protocol with kernel implementations on various platforms. Similar to TCP, SCTP provides a connection-oriented, reliable, full- duplex, congestion and flow-controlled layer 4 channel. Unlike both TCP and UDP, however, SCTP offers new delivery options that better match diverse applications' needs. Here, we introduce SCTP, discuss its innovative services, and outline ongoing SCTP-related research and standardization activities. 相似文献
15.
16.
《Journal of Parallel and Distributed Computing》2006,66(11):1472-1479
Recently, a new general purpose transport protocol, called SCTP, has been standardized by the IETF to be used in IP based applications. The features of SCTP, compared with TCP, better support the communication requirements of parallel applications and have motivated the development of SCTP-PVM, a PVM extension, that uses SCTP for direct communications among tasks. Using the LK-SCTP open source kernel module implementation of SCTP, we have compared the performances of SCTP-PVM with the standard version of PVM that, through the PvmRouteDirect directive, uses TCP. Due to the vast difference in the maturity level of both protocols where TCP, unlike SCTP, is able to offload checksum calculations and transport segmentations in hardware, in the tests performed, we have disabled the TCP hardware transport segmentations and we have analyzed the behaviour of SCTP-PVM both with the checksum enabled and disabled. SCTP-PVM, with the checksum disabled, resulted better as the messages exchanged among tasks increase. In addition, thanks to the SCTP multi-streaming feature, SCTP-PVM achieved higher throughput in error prone networks. On the other hand, due to the high-protocol processing cost of the checksum enabled, SCTP-PVM resulted slower. Finally, the SCTP-PVM extension has been designed to easily enable existing PVM applications to use the SCTP protocol features. 相似文献
17.
SCTP与TCP的比较分析 总被引:3,自引:1,他引:3
随着VoIP和第3代移动通信的发展,SCTP协议的使用将会越来越多。从分组结构、安全性、多归属、流、数据的发送和接收等几个方面对SCTP和TCP进行了分析比较。说明了为什么SCTP比TCP更适合传送PSTN信令。 相似文献
18.
随着IP网向多业务网的发展,新一代运输层协议SCTP会逐渐替代TCP在下一代网络中获得更加广泛的应用。分析了SCTP/IP协议栈中数据传输过程,介绍了SCTP协议所提供给开发人员的套接口编程模型,并给出一个在Uinx/Linux系统上利用一到多形式套接口模型开发客户/服务器应用的示例。 相似文献