期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于自适应包标记的IP回溯 被引量:4

IP traceback based on adjusted probabilistic packet marking
在线阅读 下载PDF
导出
摘要 防御分布式拒绝服务攻击是当前网络安全中最难解决的问题之一。在各种解决方法中,自适应概率包标记受到了广泛的重视,因为算法中路径上的每个路由器根据一定策略自适应的概率标记过往的数据包,从而受害者可以用最短的重构时间,对攻击者进行IP回溯,找出攻击路径并发现攻击源。文中提出了一种自适应的标记策略。通过实验验证相比于常用策略,该策略重构路径所需的数据包明显减少,有效地减少了重构计算量和伪证性。 Defending against distributed denial of service attacks is one of the hardest security problems on the Internet today. Among several countermeasures, adaptive probabilistic packet making(APPM) is promising. Every router marks a passing packet with a probability that is adaptive to a given strategy, so that a minimum convergence time for an attacking path can be achieved to the victim, and the victim can be found in attack path reconstruction using IP traeeback method. In this paper, an adaptive probabilistic packet malting scheme was given. Compared to common schemes, it reduced the number of packets needed for path reconstruction, and the computation overhead and false proofs in path reconstruction were effectively reduced.
作者 顾晓清 刘渊
机构地区 江南大学信息工程学院
出处 《计算机应用》 CSCD 北大核心 2005年第9期2092-2093,2097,共3页 journal of Computer Applications
关键词 网络安全 分布式拒绝服务攻击 自适应概率包标记:IP回溯 network security distributed denial of service attacks APPM IP traceback
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献7

  • 1ALJIFRI H. IP Traceback: A New Denial - of - Service Deterrent ?[A]. IEEE security and privacy[C]. 2003. 1540 -7993.
  • 2SAVAGE S, WETHERALL D, KARLIN A, et al. Practical network support for IP traceback[A]. Proc. of ACMSIGCOMM Conference [C]. Stockholm, Sweden, 2000.295 - 306.
  • 3李德全,苏璞睿,冯登国.用于IP追踪的包标记的注记(英文)[J].软件学报,2004,15(2):250-258. 被引量:29
  • 4PENG T, LECKI C, RAMAMOHANROA K. Adjusted Probabilistic Packet Making[A]. Proc. of Networking2002[C]. Pisa, Italy, May 2002.
  • 5ADLER I, ROSS SM. The coupon subset collection problem [J] .Journal of Applied Probability, 2001, (3): 737 - 746.
  • 6RIZVI B, EMMANUEL F - G. Analysis of Adjusted Probabilistic Packet Marking[A]. Proc. of IP Operation and Management( IPOM 2003) [C]. Kansascity, Missouri, October 2003.9 - 13.
  • 7CAIDA Cooperative association for internet data analysis[ EB/OL].http:∥www. caida. org.

二级参考文献19

  • 1CERT.CERT Statistics.http://www.cert.org/stats/#incidents
  • 2Park K,Lee H.A proactive approach to distributed DoS attack prevention using route-based packet filtering.Technical Report,CSD00-017,Department of Computer Sciences,Purdue University,2000.http://www.cs.purdue.edu/nsl/dpf-tech.ps.gz
  • 3Savage S,Wetherall D,Karlin A,Anderson T.Practical network support for IP traceback.In:Proc.of the 2000 ACM SIGCOMM Conf.Stockholm,2000.295-306.http://www.acm.org/sigs/sigcomm/sigcomm2000/conf/paper/sigcomm2000-8-4.ps.gz
  • 4McGuire D,Krebs B.Attack on Internet called largest ever.2002.http://www.washingtonpost.com/ac2/wp-dyn/A828- 2002Oct22?
  • 5Lemos R.Attack targets info domain system.ZDNet News,2002.http://zdnet.com.com/2100-1105-971178.html
  • 6CERT.Overview of attack trends,2002.http://www.cert.org/archive/pdf/attack_trends.pdf
  • 7Ferguson P,Senie D.rfc2827,Network ingress filtering:defeating denial of service attacks which employ IP source address spoofing.IETF,May 2000.http://www.ietf.org/rfc/rfc2827.txt
  • 8Song DX,Perrig A.Advanced and authenticated marking schemes for IP traceback.In:Proc.of the IEEE INFOCOM 2001.http://www.ieee-infocom.org/2001/program.html
  • 9Park K,Lee H.On the effectiveness of probabilistic packet marking for IP traceback under denial of service attack.In:Proc.of the IEEE INFOCOM 2001.2001.338-347.http://www.ieee-infocom.org/2001/program.html
  • 10Snoeren AC,Partridge C,Sanchez LA,Jones CE,Tchakountio F,Kent ST,Strayer T.Hash-Based IP traceback.In:Proc.of the ACM SIGCOMM 2001 Conf.2001.San Diego,2001.3-14.http://www.acm.org/sigs/sigcomm/sigcomm2001/p1.html

共引文献28

同被引文献36

引证文献4

二级引证文献3

计算机应用
2005年 第9期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部