Similar literature
19 similar documents found; search time 140 ms
1.
刘飞扬  李坤  宋飞  周华春 《电信科学》2021,37(11):17-32
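To address the lack of research on knowledge bases for distributed denial of service (DDoS) network attacks, a method for constructing a knowledge base of malicious DDoS attack behavior is proposed. The knowledge base is built on a knowledge graph and consists of two parts, a malicious traffic detection base and a network security knowledge base: the malicious traffic detection base detects and classifies the malicious traffic caused by DDoS attacks; the network security knowledge base models malicious DDoS attack behavior in terms of traffic features and attack frameworks, and performs reasoning, tracing and feedback on malicious behavior. On this basis, a distributed knowledge base is built on the DDoS open threat signaling (DOTS) protocol, providing data transfer between distributed nodes, DDoS attack defense and malicious traffic mitigation. Experimental results show that the knowledge base can effectively detect and mitigate malicious traffic caused by DDoS attacks at multiple gateways, supports knowledge update and reasoning between distributed knowledge bases, and shows good scalability.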

2.
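Secure On-Demand Routing Protocol for Mobile Ad Hoc Networks   Total citations: 1, self-citations: 0, citations by others: 1
The security of Ad Hoc networks is drawing increasing attention, and securing Ad Hoc routing protocols has become a key technology in Ad Hoc research. A secure on-demand source routing protocol suited to mobile Ad Hoc networks is proposed, which uses session keys between mobile nodes together with the hash-based message authentication code HMAC to verify the validity of route discovery and route replies. The proposed neighbor node maintenance mechanism defends against various complex attacks, such as wormhole attacks, by binding the MAC address to each node's ID. NS-2 simulation shows that the protocol can effectively detect and block most attacks against Ad Hoc networks.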

3.
王明华 《世界电信》2005,18(10):40-44
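Distributed denial of service (DDoS) attacks have become one of the greatest threats to the Internet. A design for a DDoS defense system based on the Intel IXP1200 network processor platform is proposed, and a defense system, D-Fighter, is implemented. The principles and methods of two key techniques for countering DDoS attacks, packet authentication and fine-grained traffic control, are presented and implemented in D-Fighter. Application tests in a real network test environment show that D-Fighter meets its design goals and defends well against DDoS attacks.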

4.
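Distributed denial of service (DDoS) attacks are highly destructive to networks and seriously affect the normal operation of live networks. Although traffic scrubbing systems for DDoS have been deployed in live networks, low-volume attacks are harder to detect than flood attacks and therefore cannot be scrubbed effectively. This paper analyzes the principles of low-volume DDoS attacks in networks and the current state of defenses, and proposes a resource-awareness-based defense method against low-volume DDoS attacks.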

5.
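This paper introduces the attack mechanisms of distributed denial of service (DDoS) and the corresponding defensive countermeasures, and designs a routing device with DDoS defense built around an Intel IXP network processor and housed in an aluminum alloy enclosure that meets the IP31 industrial protection standard. It also presents the principle and method of a key technique for countering DDoS attacks: packet authentication.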

6.
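With the wide application of modern information technology, China's information environment has in recent years shown a clear trend toward greater complexity. From the standpoint of network information security, the article introduces the value of DDoS security assurance in software-defined networks, briefly outlines DDoS attack detection approaches in software-defined networks, and examines a defense system based on the SDSNM logical architecture, an OpenFlow-based attack mitigation method, a reinforcement-learning-based attack defense system and a DPDK-based attack defense system, with the aim of comprehensively improving the network information security environment.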

7.
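First, the selection, representation and analysis of DDoS attack features and the model solution are established. Then, on this basis, a DDoS attack defense method based on variable-threshold constraints on sensitive access parameters is studied. Finally, a DDoS attack traffic scrubbing technique based on variable probability marking is studied.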

8.
赵鑫  赵光  陈睿  王文鼐 《电信科学》2023,39(2):48-58
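A waypoint-segment routing (WSR) algorithm based on satellite waypoints is proposed. Building on the predictable period of satellite network topology motion, the WSR algorithm determines the positions of satellite waypoints from the link states of satellite nodes; using the segment routing mechanism for flexibly planning packet transmission paths, it responds to topology changes in advance and computes a transmission path that is unaffected by network topology snapshot switching. Simulation experiments are carried out on the NS-3 simulation platform in two scenarios, with the source and destination nodes on the same side and on different sides of the reverse seam, and the optimized link state routing (OLSR) algorithm and the shortest path algorithm are compared with WSR in terms of delay jitter and packet loss rate. The experiments show that, compared with OLSR, WSR reduces the maximum delay jitter by 46 ms and 126 ms and the packet loss rate by 30% and 21% in the two scenarios respectively, and solves the problem of packet transmission paths being interrupted by topology snapshot switching.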

9.
《电信技术》2012,(8):36
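Check Point Software Technologies Ltd. has launched a series of security appliances designed to defend against distributed denial of service (DDoS) attacks. The new DDoS Protector appliances provide multi-layer protection with throughput of up to 12 Gbit/s and help enterprises defend against the widest range of DDoS attacks.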

10.
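A Cooperative Model for Defending Against DDoS Attacks Based on Client Reputation   Total citations: 2, self-citations: 0, citations by others: 2
A cooperative model for defending against DDoS attacks based on client reputation (CDDACR, cooperation defense DDoS attack based on client reputation) is proposed to detect and defend against DDoS attacks. The model logically consists of two detection agents: the router-side RDA (router detection agent) and the server-side SDA (server detection agent). The RDA performs coarse-grained detection on user data flows, aiming to filter malicious flows with obvious DDoS attack characteristics; the SDA performs fine-grained detection on user data flows, detecting and filtering malicious stealthy attacks and low-traffic attacks. The RDA and SDA work together to monitor network conditions in real time. Experimental results show that the CDDACR model can identify and defend against DDoS attacks in real time, and effectively prevents the possibility of the server being attacked when anomalies occur.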

11.
Meng YUE  Kun LI  Zhi-jun WU 《通信学报》2017,38(4):129-139
Denial of service (DoS) attack was one of the major threats to cloud computing. Security access path algorithm (SAPA) used node route table (NRT) to compose security access path. It simplified role nodes of traditional secure overlay services (SOS), and periodically updated role nodes, and cached security access paths. Therefore, SAPA was more appropriate for cloud computing to defend DoS attacks. Based on the turn routing architecture of cloud computing, the mathematical model of SAPA was built and its performance was analyzed in theory. The performance of SAPA was tested in OMNeT++ experimental platform. Also, the Test-bed experiments were performed to evaluate the effectiveness of SAPA for defending DoS attack. Experimental results show that comparing with SOS, SAPA can degrade the impact of communication success rate caused by DoS attack effectively, and guarantees the access delay small enough.

12.
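Most enterprises have by now deployed information security defense systems based on policy-based access control. However, with the deployment of cloud computing environments and the development of network attack techniques, security is becoming an important problem that urgently needs to be solved in cloud computing environments; advanced persistent attacks that can easily bypass traditional firewalls and break through security defenses based on black/white lists and signature matching pose new challenges to traditional security architectures. This paper analyzes the problems that traditional tightly coupled security defense systems face in network environments that combine virtual and physical elements, proposes a software-defined security model and the key technologies under its framework, and decouples virtual and physical network security devices from their access modes and deployment locations, providing a useful exploration of adaptive, proactive security protection for enterprise cloud computing environments.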

13.
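A Survey of Research Progress in Cloud Security   Total citations: 28, self-citations: 0, citations by others: 28
With the rise of cloud computing in academia and industry, cloud computing has inevitably brought some security problems. This paper summarizes the security requirements of cloud computing and points out that cloud computing not only has requirements in traditional security properties such as confidentiality, data integrity, access control and identity authentication, but also has new security requirements in areas such as trustworthiness, configuration security and virtual machine security. We summarize the security status of two typical cloud computing products, Amazon Web Services and Windows Azure, and describe denial of service attacks and side-channel attacks against cloud computing. Based on the security requirements of cloud computing and the attacks it faces, the strengths and weaknesses of existing security mechanisms are analyzed and the existing mechanisms are systematically summarized.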

14.
As a new computing mode, cloud computing can provide users with virtualized and scalable web services, which, however, face serious security challenges. Access control is one of the most important measures to ensure the security of cloud computing. But applying the traditional access control model to the Cloud directly cannot solve the uncertainty and vulnerability caused by the open conditions of cloud computing. In a cloud computing environment, only when the security and reliability of both interaction parties are ensured can data security be effectively guaranteed during interactions between users and the Cloud. Therefore, building a mutual trust relationship between users and the cloud platform is the key to implementing new kinds of access control methods in a cloud computing environment. Combining with Trust Management (TM), a mutual trust based access control (MTBAC) model is proposed in this paper. The MTBAC model takes both the user's behavior trust and the cloud service node's credibility into consideration. Trust relationships between users and cloud service nodes are established by a mutual trust mechanism. Security problems of access control are solved by implementing the MTBAC model in the cloud computing environment. Simulation experiments show that the MTBAC model can guarantee the interaction between users and cloud service nodes.

15.

The future of information technology mainly depends upon cloud computing. Hence security in cloud computing is highly essential for the consumers as well as the service providers of the particular cloud environment. Many security threats are challenging the current cloud environment. One of the most important security threats in the cloud environment is considered to be the Distributed Denial of Service (DDoS) attack. While the cloud is of great benefit in terms of providing on-demand services, a certain kind of attack named Economic Denial of Sustainability (EDoS) occurs in the pay-per-use payment model. Due to the occurrence of this attack, consumers are forced to pay an additional amount for the services offered. EDoS attacks are similar to DDoS attacks, which are classified as attacks associated with bandwidth consumption, application-targeted attacks and the exhaustion of the connection layer. The main objective of the proposed work is to design a profile-based novel framework for maximizing the detection of various types of EDoS attacks. During this process, the proposed framework, consisting of a Feature Classification (FC) algorithm, ensures that false positives and negatives along with bandwidth and memory consumption are highly minimized. The proposed algorithm allows only limited resources for allocation to the available virtual machines, which increases the chances of detecting the attack and preventing the misuse propagation of resources. The accuracy and efficiency of this approach are proven to be higher, with lesser computational complexity, when compared to the existing approaches.

16.
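As cloud computing develops, it faces more and more threats, and network and information security has accordingly been raised to unprecedented importance; any oversight in this work may cause very serious negative effects and affect the secure and sustainable operation of the enterprise. With the arrival of the era of informatization and cloud computing, the protection of sensitive information faces increasingly severe tests. Network attacks, virus damage, Trojans, theft or loss of storage media, illegal authorization or abuse of authorization, and inadvertent disclosure or leakage by insiders all constitute serious information security threats. We find that security issues such as service security, data security and operating procedures have always been the biggest problems and business risks facing the normal commissioning of cloud platforms. This paper describes how, in order to strengthen data security in the Xinjiang Mobile cloud resource pool, full-lifecycle security control is implemented over the creation, production, use and destruction of all kinds of sensitive data during the retrieval, transmission and migration of virtual machine business data in the cloud computing environment. The approach monitors which kinds of sensitive data are involved in the transmission and storage of each virtual machine at each stage of the data lifecycle; it transmits and classifies sensitive data, tags virtual machines that need to be destroyed and erases them reliably, so that data cannot be recovered after a virtual machine is shared. It also provides real-time monitoring of transmissions from virtual machines hosting sensitive data and detects anomalies and violations, preventing non-compliant or unauthorized persons from stealing sensitive data via network access, covert channels, non-standard ports and similar means.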

17.
Ethereum is arguably the second most popular cryptocurrency-based network after Bitcoin. Both use the distributed ledger technology known as the blockchain, which is considered secure. However, the provided security level is proportional to the number of connected nodes, the number of influential nodes, and the supported amount of hash power. Thus, the knowledge of the network properties and nodes' behavior is helpful to protect the network from possible attacks such as double-spending attacks, DDoS attacks, 51% attacks, and Sybil attacks. This paper proposes a node discovery mechanism, which performs a P2P link discovery on the Ethereum main network. For that, we develop Search-node, a modified version of Ethereum client that searches for all participating nodes in the blockchain network, stores the node information in the Bucket, and then processes the peer discovery method. Based on the collected data, we first visualize the Ethereum network topology and analyze the attributes of the network such as node degree, path length, diameter, and clustering coefficient. We then analyze the node properties and provide analytical results regarding the relationship between nodes, heavily connected nodes, node geo-distribution, security issues, and possible attacks over the influential nodes. As a result, we have identified 68,406 nodes with a total of 642,034 edges. By analyzing the collected data, we have found that the diameter in the Ethereum network is equal to 8. The node degree is over 19, which is two times higher than the default configuration.

18.
In defending against various network attacks, such as distributed denial-of-service (DDoS) attacks or worm attacks, a defense system needs to deal with various network conditions and dynamically changing attacks. Therefore, a good defense system needs to have a built-in “adaptive defense” functionality based on cost minimization—adaptively adjusting its configurations according to the network condition and attack severity in order to minimize the combined cost introduced by false positives (misidentify normal traffic as attack) and false negatives (misidentify attack traffic as normal) at any time. In this way, the adaptive defense system can generate fewer false alarms in normal situations or under light attacks with relaxed defense configurations, while protecting a network or a server more vigorously under severe attacks. In this paper, we present concrete adaptive defense system designs for defending against two major network attacks: SYN flood DDoS attack and Internet worm infection. The adaptive defense is a high-level system design that can be built on various underlying nonadaptive detection and filtering algorithms, which makes it applicable for a wide range of security defenses.

19.
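To address the weaknesses and vulnerabilities of virtual machine platforms in cloud computing environments, the threats and attacks that virtual machines may face are analyzed, and a security threat model of the virtual machine platform in the cloud computing environment is built using STRIDE modeling. The likelihood and severity of threats are then quantified in order to further assess the security threats facing the whole cloud computing system.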
