计算机工程 ›› 2008, Vol. 34 ›› Issue (14): 23-25.doi: 10.3969/j.issn.1000-3428.2008.14.009

• 博士论文 • 上一篇    下一篇

IPv6中的DoS/DDoS攻击流量突发检测算法

杨新宇1,李 磊1,张国栋2   

  1. (1. 西安交通大学计算机科学与技术系,西安 710049;2. 上海浦东发展银行总行产品开发部,上海 200233)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2008-07-20 发布日期:2008-07-20

DoS/DDoS Traffic Burst Detecting Algorithm in IPv6

YANG Xin-yu1, LI Lei1, ZHANG Guo-dong2   

  1. (1. Dept. of Computer Science & Technology, Xi’an Jiaotong University, Xi’an 710049;2. Innovation & Promotion Dept., Shanghai Pudong Development Bank, Shanghai 200233)
  • Received:1900-01-01 Revised:1900-01-01 Online:2008-07-20 Published:2008-07-20

摘要: IPv6下的安全体系结构IPSec对IPv6网络的安全起到了一定的作用,但是它对某些特殊攻击的防范,例如泛洪DoS/DDoS攻击,却无能为力。该文通过对IPv6中泛洪DoS/DDoS攻击发生时的流量特征的分析,对基于网络流量突发变化的DoS/DDoS攻击检测算法在IPv6下的应用进行研究,分别用Matlab和NS-2对算法进行有效性和可行性验证。结果表明,突发流量检测算法在IPv6环境中运行良好。

关键词: IPv6协议, DoS/DDoS攻击, 流量突发检测

Abstract: The IPv6 security architecture, IPSec, plays a positive role in the protection of IPv6 networks. To some special attacks, especially DDoS attacks, IPSec appears relatively weak. By analyzing the flow characteristics when IPv6 flooding DoS/DDoS attack occurred, it studies the flooding DoS/DDoS detecting algorithm based on traffic burst used in IPv6. Experiments in Matlab and NS-2 show the detection algorithm can be very good in IPv6 environment for application.

Key words: IPv6 protocol, DoS/DDoS attack, traffic burst detecting

中图分类号: