| 基于移动agent的DDoS攻击协同防范技术研究 |
| |
| 引用本文: | 吴姗姗 李俊. 基于移动agent的DDoS攻击协同防范技术研究[J]. 微机发展, 2006, 16(4): 230-233 |
| |
| 作者姓名: | 吴姗姗 李俊 |
| |
| 作者单位: | 南京航空航天大学信息科学与技术学院 江苏南京210016 |
| |
| 基金项目: | 国防科工委国防基础项目(S0500B003) |
| |
| 摘 要: | 分布式拒绝服务攻击(distributed denial-of-service,DDoS)已经对Internet的稳定运行造成了很大的威胁。近两年来,DDoS的攻击方法和工具变得越来越复杂,越来越有效,追踪真正的攻击者也越来越困难。从攻击防范的角度来说现有的技术仍然不足以抵御大规模的攻击。文中通过分析DDoS攻击原理以及DDoS攻击行为,提出了一个基于移动agent的分布式协同入侵检测模型。该模型通过构建本地入侵检测模块和反DDoS实体模块来协同对分布式拒绝访问攻击形成大面积网络预警机制,以达到在陷于大规模分布式拒绝访问攻击时,能够最小化检测和反应时间,并进行自动响应。
|
| 关 键 词: | DDoS 移动agent 入侵检测 |
| 文章编号: | 1005-3751(2006)04-0230-04 |
| 修稿时间: | 2005-08-05 |
Cooperative Detection to DDoS Attacks Based on Mobile Agent |
| |
| WU Shan-shan,LI Jun. Cooperative Detection to DDoS Attacks Based on Mobile Agent[J]. Microcomputer Development, 2006, 16(4): 230-233 |
| |
| Authors: | WU Shan-shan LI Jun |
| |
| Abstract: | Distributed denial-of-service attack(DDoS) brings a very serious threat to the stability of the Internet.In the last two years,it is discovered that DDoS attack methods and tools are becoming more sophisticated,effective,and also more difficult to trace to the real attackers.However,on the defense side,current technologies are still unable to withstand large-scale attacks.In this paper,first analyses the attacking rules and behaviors of DDoS,and then based on mobile agent,propose a cooperative intrusion detection framework focused on countering distributed denial-of-service(DDoS) attacks through the introduction of a distributed overlay early-warning network.The goal is to minimize the detection and reaction time,and automate responses,while involving as many networks as possible along the attack path. |
| |
| Keywords: | DDoS mobile agent intrusion detection |
| 本文献已被 CNKI 等数据库收录! |
|
