| 双主体安全协议的DoS动态防御 |
| |
| 引用本文: | 卫剑钒,段云所,唐礼勇,陈钟.双主体安全协议的DoS动态防御[J].计算机研究与发展,2005,42(10):1673-1678. |
| |
| 作者姓名: | 卫剑钒 段云所 唐礼勇 陈钟 |
| |
| 作者单位: | 北京大学信息科学技术学院,北京,100871;空军装备研究院通信导航与指挥自动化所,北京,100085;北京大学信息科学技术学院,北京,100871 |
| |
| 基金项目: | 国家“八六三”高技术研究发展计划基金项目(2002AA142160) |
| |
| 摘 要: | 拒绝服务(DoS)攻击是一种阻碍授权用户正常获得服务的主动攻击,大量安全协议存在着不同程度的DoS隐患.提出了一种会话标识和工作量证明相结合的DoS认证方法,对其进行了形式化的分析,给出了DoS认证的设计原则,可用于双主体安全协议的改进.改进后的安全协议可动态调整DoS防御的强度,且其安全性不低于原协议.
|
| 关 键 词: | 安全协议 拒绝服务(DoS) 工作量证明 会话标识 |
| 收稿时间: | 2004-04-12 |
| 修稿时间: | 2004-04-122004-12-17 |
A Dynamic Defense Against Denial of Service in Two-Party Security Protocols |
| |
| Wei Jianfan,Duan Yunsuo,Tang Liyong,Chen Zhong.A Dynamic Defense Against Denial of Service in Two-Party Security Protocols[J].Journal of Computer Research and Development,2005,42(10):1673-1678. |
| |
| Authors: | Wei Jianfan Duan Yunsuo Tang Liyong Chen Zhong |
| |
| Abstract: | Denial of service (DoS) is a kind of active attack that aims to prevent authoriz ed user to access services, DoS vulnerabilities with different degrees exist in various of security protocols. A new counter measure based on session identifie r and proof of work is presented, and then it is analyzed in a formal way propos ed by Meadows originally. In addition, some useful principles are provided in d esigning network DoS resistant protocols. By using this counter measure, two-p arty security protocols can be designed or modified against DoS attack in a dyna mic way and its security properties will not be lost. |
| |
| Keywords: | security protocol denial of service proof of work session identifier |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
