| 分布式DNS反射DDoS攻击检测及控制技术 |
| |
| 引用本文: | 罗志强,沈军,金华敏.分布式DNS反射DDoS攻击检测及控制技术[J].电信科学,2015,31(10):1-196. |
| |
| 作者姓名: | 罗志强 沈军 金华敏 |
| |
| 作者单位: | 中国电信股份有限公司广州研究院 广州 510630 |
| |
| 摘 要: | 分布式DNS反射DDoS攻击已经成为拒绝服务攻击的主要形式之一,传统的基于网络流量统计分析和网络流量控制技术已经不能满足防护需求。提出了基于生存时间值(TTL)智能研判的DNS反射攻击检测技术,能够准确发现伪造源IP地址分组;基于多系统融合的伪造源地址溯源阻断技术,从源头上阻断攻击流量流入网络。
|
| 关 键 词: | DNS反射攻击 DDoS攻击 虚假源地址 网络安全 |
Detection and Control Technology of Distributed DNS Reflective DDoS Attack |
| |
| Zhiqiang Luo,Jun Shen,Huamin Jin.Detection and Control Technology of Distributed DNS Reflective DDoS Attack[J].Telecommunications Science,2015,31(10):1-196. |
| |
| Authors: | Zhiqiang Luo Jun Shen Huamin Jin |
| |
| Affiliation: | Guangzhou Research Institute of China Telecom Co.,Ltd.,Guangzhou 510630,China |
| |
| Abstract: | Distributed DNS reflective DDoS attack has become one of the main forms of denial of service attacks,and traditional security technology based on network traffic analysis and network traffic control technology can’t meet the needs of protection.Detection technology of DNS reflection attack based on time to live (TTL)value intelligent judgments was proposed,and the detection technology can accurately detect spoofed source IP address of the packet.The control technology based on multi system fusion can block attack traffic flow into the network in the source. |
| |
| Keywords: | DNS reflective attack DDoS attack fake source address network security |
| 本文献已被 万方数据 等数据库收录! |
| 点击此处可从《电信科学》浏览原始摘要信息 |
|
点击此处可从《电信科学》下载全文 |
