| 一种基于分片包标记的改进方案 |
| |
| 引用本文: | 袁志勇,周肆清.一种基于分片包标记的改进方案[J].计算机应用,2009,29(2):357-359. |
| |
| 作者姓名: | 袁志勇 周肆清 |
| |
| 作者单位: | 中南大学信息科学与工程学院 中南大学信息科学与工程学院 |
| |
| 摘 要: | 分布式拒绝服务(DDoS)攻击已经对Internet安全构成巨大威胁。由于TCP/IP协议本身的缺陷以及Internet的无状态性,使受害者对攻击源的确定变得十分困难。在深入研究分片包标记方案的基础上,扩展了标记空间,设立了一个分组域来区分数据包来自于哪一分组的路由器。这样,在重构攻击路径时只需要少量的分片组合就可以验证一条边是否在实际的攻击路径中,从而缩短了收敛时间,并减少了误报数。
|
| 关 键 词: | 拒绝服务攻击 分布式拒绝服务攻击 IP追踪 分片包标记 |
| 收稿时间: | 2008-09-01 |
| 修稿时间: | 2008-10-16 |
An improved scheme based on fragment marking scheme |
| |
| YUAN Zhi-yong,ZHOU Si-qing.An improved scheme based on fragment marking scheme[J].journal of Computer Applications,2009,29(2):357-359. |
| |
| Authors: | YUAN Zhi-yong ZHOU Si-qing |
| |
| Affiliation: | YUAN Zhi-yong,ZHOU Si-qing School of Information Science , Engineering,Central South University,Changsha Hunan 410083,China |
| |
| Abstract: | Distributed denial-of-service(DDoS) attacks pose a grave threat to the security of Internet today. Since TCP/IP is a stateless protocol and it also has defect in design, it is quite difficult to determine the actual source of the attack. Based on the research of Fragment Marking Scheme, an improved scheme was presented, which extended the marking field. By adding a new group-ID field, a packet can be distinguished from different router groups. Fewer fragment combinations were required to verify if an edge was in the true attack graph; therefore, the convergence time reduces and the amount of false positive decreases. |
| |
| Keywords: | DoS DDoS IP traceback Fragment Marking Scheme (FMS) |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机应用》浏览原始摘要信息 |
|
点击此处可从《计算机应用》下载全文 |
