| 一种新型拒绝服务攻击的研究 |
| |
| 引用本文: | 姚翼雄,刘颖,吴志军. 一种新型拒绝服务攻击的研究[J]. 信息安全与通信保密, 2007, 0(6): 179-181 |
| |
| 作者姓名: | 姚翼雄 刘颖 吴志军 |
| |
| 作者单位: | 中国民航大学,天津,300300 |
| |
| 摘 要: | Shrew DDoS(Distributed Denial of Service)攻击是一种新型的DDoS攻击,也称低速率DDoS攻击。它是利用TCP超时重传机制的漏洞,通过估计合法TCP流的RTO(Retransmission timeout)作为低速率攻击发包的周期T,周期性的发送短脉冲,使得攻击流可以周期性地占用网络带宽,这样就会让合法的TCP流总是认为网络的负担很重,造成所有受其影响的TCP流进入超时重传状态,最终使得受害主机的吞吐量大幅度降低,从而达到攻击目的。由于其攻击速率低,可以躲避传统的高速率攻击防御机制。这种新型拒绝服务攻击具有隐蔽性好、效果明显的特点。
|
| 关 键 词: | 低速率 超时重传 |
| 文章编号: | 1009-8054(2007)06-0179-03 |
| 修稿时间: | 2006-12-28 |
Research On A New Type DDoS Attack |
| |
| YAO Yixiong,LIU Ying,WU Zhijun. Research On A New Type DDoS Attack[J]. China Information Security, 2007, 0(6): 179-181 |
| |
| Authors: | YAO Yixiong LIU Ying WU Zhijun |
| |
| Abstract: | Shrew DDoS(Distributed Denial of Service)attacks,aslo named low-rate DDoS attack,is a new-style DDoS attack,Low-rate DDoS attacks is essentially a periodic short burst which exploits the deficiencies of the minimum RTO(Retransmission Time Out)of TCP flows and forces all affected TCP flows to enter the retransmission timeout state.The period T is calculated by the estimated TCP RTO time implemementations at legitimate sources.Because of its low rate,it can avoid traditional high rate detection mechanism and gravely degrade the throughput of the victim. |
| |
| Keywords: | Shrew DDoS TCP |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
