首页 | 本学科首页   官方微博 | 高级检索  
     

一种基于历史信任数据的DDOS防御模型
引用本文:李金良 王文国 何裕友. 一种基于历史信任数据的DDOS防御模型[J]. 微机发展, 2007, 17(7): 160-162
作者姓名:李金良 王文国 何裕友
作者单位:曲阜师范大学计算机科学学院 山东日照276826
基金项目:国家人事部高层次留学人员回国工作资助项目(国人部发[2004]61号)
摘    要:分布式拒绝服务攻击给网络安全和网络服务质量带来了巨大的威胁。通过对分布式拒绝服务攻击原理及现有防御措施的分析,为了更有效防御这类攻击的发生,可以考虑在边界路由器上建立一种基于历史信任数据的源地址库的防御模型。该模型以历史信任数据库为依托,通过对异常IP包使用核心无状态公平排队算法进行源地址检测并对其处理结果做出相应的处理,可以有效、快速过滤掉异常的IP包数据,提前防止网络受到分布式拒绝服务攻击的侵害。

关 键 词:分布式拒绝服务攻击  历史信任数据  异常IP包  源地址检测  核心无状态公平排队算法
文章编号:1673-629X(2007)07-0160-03
修稿时间:2006-09-23

A Model Based on Historical Trusted Data to Defense DDOS
LI Jin-liang,WANG Wen-guo,HE Yu-you. A Model Based on Historical Trusted Data to Defense DDOS[J]. Microcomputer Development, 2007, 17(7): 160-162
Authors:LI Jin-liang  WANG Wen-guo  HE Yu-you
Abstract:The distributed denial of service attacks brought an enormous threat to network security and network quality of service.Through analysing principle of distributed denial of service attack and the existing preventive measures,in order to more effectively defend against such attacks,the border routers can be taken to establish a defense model based on historical trusted data of the source address.The model is based on a historical trusted database,and to the abnormal IP used CSFQ source address detection and makes treatment with outcome of the algorithm.The model can be effective,rapid filter abnormal IP packet data,in advance to prevent networks against distributed denial of service attack.
Keywords:DDOS  historical trusted data  abnormal IP  source address detected  CSFQ
本文献已被 CNKI 等数据库收录!
设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号