首页 | 本学科首页   官方微博 | 高级检索  
     

一种基于分片包标记的改进方案
引用本文:袁志勇,周肆清.一种基于分片包标记的改进方案[J].计算机应用,2009,29(2):357-359.
作者姓名:袁志勇  周肆清
作者单位:中南大学信息科学与工程学院 中南大学信息科学与工程学院
摘    要:分布式拒绝服务(DDoS)攻击已经对Internet安全构成巨大威胁。由于TCP/IP协议本身的缺陷以及Internet的无状态性,使受害者对攻击源的确定变得十分困难。在深入研究分片包标记方案的基础上,扩展了标记空间,设立了一个分组域来区分数据包来自于哪一分组的路由器。这样,在重构攻击路径时只需要少量的分片组合就可以验证一条边是否在实际的攻击路径中,从而缩短了收敛时间,并减少了误报数。

关 键 词:拒绝服务攻击  分布式拒绝服务攻击  IP追踪  分片包标记  
收稿时间:2008-09-01
修稿时间:2008-10-16

An improved scheme based on fragment marking scheme
YUAN Zhi-yong,ZHOU Si-qing.An improved scheme based on fragment marking scheme[J].journal of Computer Applications,2009,29(2):357-359.
Authors:YUAN Zhi-yong  ZHOU Si-qing
Affiliation:YUAN Zhi-yong,ZHOU Si-qing School of Information Science , Engineering,Central South University,Changsha Hunan 410083,China
Abstract:Distributed denial-of-service(DDoS) attacks pose a grave threat to the security of Internet today. Since TCP/IP is a stateless protocol and it also has defect in design, it is quite difficult to determine the actual source of the attack. Based on the research of Fragment Marking Scheme, an improved scheme was presented, which extended the marking field. By adding a new group-ID field, a packet can be distinguished from different router groups. Fewer fragment combinations were required to verify if an edge was in the true attack graph; therefore, the convergence time reduces and the amount of false positive decreases.
Keywords:DoS  DDoS  IP traceback  Fragment Marking Scheme (FMS)
本文献已被 CNKI 维普 万方数据 等数据库收录!
点击此处可从《计算机应用》浏览原始摘要信息
点击此处可从《计算机应用》下载全文
设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号