| 一种用于实时追踪DDoS攻击源的分步算法 |
| |
| 引用本文: | 黄昌来,李明,彭革刚,高传善.一种用于实时追踪DDoS攻击源的分步算法[J].小型微型计算机系统,2006,27(6):1072-1076. |
| |
| 作者姓名: | 黄昌来 李明 彭革刚 高传善 |
| |
| 作者单位: | 复旦大学,计算机科学与工程系,上海,200433 |
| |
| 摘 要: | 鉴于因特网出现了越来越多的DDoS攻击事件,而且这些攻击事件大多数都是利用“地址欺骗(IP Spoofing)”的攻击手段,因此DDoS攻击源追踪问题已成为网络安全研究领域的一个新方向.本文提出了一种分步追踪攻击源的新算法,其核心思想是首先由基于自治域系统(AS)的概率标记算法(ASPPM)将攻击源确定在某些AS中,然后在AS自治域范围内再使用随机数标记算法(RNPM)精确定位攻击源位置.与其它DDoS攻击源追踪算法比较,该分步算法具有收敛速度快、路径计算负荷小以及较低的误报率等特点,非常适合实现对DDoS攻击的实时追踪.
|
| 关 键 词: | 网络安全 DDoS攻击 IP追踪 数据包标记 |
| 文章编号: | 1000-1220(2006)06-1072-05 |
| 收稿时间: | 05 25 2005 12:00AM |
| 修稿时间: | 2005-05-25 |
DDoS Traceback Scheme Based on Real-Time Consideration |
| |
| HUANG Chang-lai,LING Ming,PENG Ge-gang,GAO Chuan-shan.DDoS Traceback Scheme Based on Real-Time Consideration[J].Mini-micro Systems,2006,27(6):1072-1076. |
| |
| Authors: | HUANG Chang-lai LING Ming PENG Ge-gang GAO Chuan-shan |
| |
| Abstract: | DDoS attack has increasingly become a great threat to the current Internet. Due to the fact that IP spoofing technique is frequently used,defending DDoS attack faces extreme difficulty. Most of the previous approaches to this problem try to solve it on a generalized Internet scale. For many reasons,the related tracing process requires great overhead and the solutions are difficult to implement.This paper proposes a new DDoS traceback scheme based on real-time consideration by dividing the tracing process into two steps.In the first step,ASPPM Scheme is adopted to determine the attack-originating AS.The second step processing concentrates on identifing ins the exact origin of the attacks. Compared the to the previous schemes,the two-step traceback scheme has the benefits of quick convergence speed,light computational overhead and low false positive. So it is possible to trace the DDoS source on a real-time basis. |
| |
| Keywords: | Network Security DDoS Attack IP Traceback Packet Marking |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
