计算机应用 ›› 2005, Vol. 25 ›› Issue (09): 2092-2093.DOI: 10.3724/SP.J.1087.2005.02092

• 网络与信息安全 • 上一篇    下一篇

基于自适应包标记的IP回溯

顾晓清,刘渊   

  1. 江南大学信息工程学院
  • 出版日期:2005-09-01 发布日期:2011-04-11

IP traceback based on adjusted probabilistic packet marking

GU Xiao-qing,LIU Yuan   

  1. School of Information Engineering,Southern Youngtze University,Wuxi Jiangsu 214122,China
  • Online:2005-09-01 Published:2011-04-11

摘要: 防御分布式拒绝服务攻击是当前网络安全中最难解决的问题之一。在各种解决方法中,自适应概率包标记受到了广泛的重视,因为算法中路径上的每个路由器根据一定策略自适应的概率标记过往的数据包,从而受害者可以用最短的重构时间,对攻击者进行IP回溯,找出攻击路径并发现攻击源。文中提出了一种自适应的标记策略。通过实验验证相比于常用策略,该策略重构路径所需的数据包明显减少,有效地减少了重构计算量和伪证性。

关键词: 网络安全, 分布式拒绝服务攻击, 自适应概率包标记, IP回溯

Abstract: Defending against distributed denial of service attacks is one of the hardest security problems on the Internet today.Among several countermeasures,adaptive probabilistic packet making(APPM) is promising.Every router marks a passing packet with a probability that is adaptive to a given strategy,so that a minimum convergence time for an attacking path can be achieved to the victim,and the victim can be found in attack path reconstruction using IP traceback method.In this paper,an adaptive probabilistic packet making scheme was given.Compared to common schemes,it reduced the number of packets needed for path reconstruction,and the computation overhead and false proofs in path reconstruction were effectively reduced.

Key words: network security, distributed denial of service attacks, APPM, IP traceback

中图分类号: