摘要：

在入口路由器数目大于攻击者数目时，基于Hash摘要的DPM(HDPM)算法的假阳率远高于其分析说明，由此提出一种基于MAC认证的新型确定性包标记(NADPM)方法，利用IP地址和MAC认证消息根据不同网络协议选择不同位数灵活地进行包标记。理论分析和模拟结果表明，该NADPM方法的假阳率远低于HDPM算法，且其最大可追踪攻击者数达140 000。

关键词: 拒绝服务攻击, 确定性包标记, MAC认证, 追踪

Abstract:

The false positive rate of the HDPM scheme can be much higher than it is claimed when the number of ingress router interfaces is larger than the number of attackers. This paper proposes a Novel MAC-based Authenticated Deterministic Packer Marking(NADPM) scheme for IP trace. This method uses IP address and MAC authentication information based on different network protocols to choose for different packet marking the median. The implementation and evaluation demonstrates NADPM algorithm compared with other HDPM algorithms, the false positive rate reduces a lot, and can trace the maximum number of simultaneous attackers increasing to 140 000.

Key words: DDoS attacks, deterministic packet marking, MAC authentication, traceback

中图分类号: 

• TP393.08