|
|||||
|
|
| 基于MAC认证的新型确定性包标记 | |
| 引用本文: | 杨小红,谢冬青,周再红,陈天玉. 基于MAC认证的新型确定性包标记[J]. 计算机工程, 2010, 36(16): 148-150 |
| 作者姓名: | 杨小红 谢冬青 周再红 陈天玉 |
| 作者单位: | 1. 湖南大学软件学院,长沙,410082 2. 广州大学计算机科学与教育软件学院,广州,510006 3. 湖南大学计算机与通信学院,长沙,410082 |
| 基金项目: | 国家自然科学基金资助项目,国家"863"计划基金资助项目 |
| 摘 要: | 在入口路由器数目大于攻击者数目时,基于Hash摘要的DPM(HDPM)算法的假阳率远高于其分析说明,由此提出一种基于MAC认证的新型确定性包标记(NADPM)方法,利用IP地址和MAC认证消息根据不同网络协议选择不同位数灵活地进行包标记。理论分析和模拟结果表明,该NADPM方法的假阳率远低于HDPM算法,且其最大可追踪攻击者数达140 000。 |
| 关 键 词: | 拒绝服务攻击 确定性包标记 MAC认证 追踪 |
Novel Deterministic Packet Marking Based on MAC-authentication |
|
| YANG Xiao-hong,XIE Dong-qing,ZHOU Zai-hong,CHEN Tian-yu. Novel Deterministic Packet Marking Based on MAC-authentication[J]. Computer Engineering, 2010, 36(16): 148-150 | |
| Authors: | YANG Xiao-hong XIE Dong-qing ZHOU Zai-hong CHEN Tian-yu |
| Affiliation: | (1. Software School, Hunan University, Changsha 410082; 2. School of Computer Science and Educational Software, Guangzhou University, Guangzhou 510006; 3. School of Computer and Communications, Hunan University, Changsha 410082) |
| Abstract: | The false positive rate of the HDPM scheme can be much higher than it is claimed when the number of ingress router interfaces is larger than the number of attackers. This paper proposes a Novel MAC-based Authenticated Deterministic Packer Marking(NADPM) scheme for IP trace. This method uses IP address and MAC authentication information based on different network protocols to choose for different packet marking the median. The implementation and evaluation demonstrates NADPM algorithm compared with other HDPM algorithms, the false positive rate reduces a lot, and can trace the maximum number of simultaneous attackers increasing to 140 000. |
| Keywords: | DDoS attacks deterministic packet marking MAC authentication traceback |
| 本文献已被 维普 万方数据 等数据库收录! | |
| 点击此处可从《计算机工程》浏览原始摘要信息 | |
| 点击此处可从《计算机工程》下载免费的PDF全文 | |