作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2007, Vol. 33 ›› Issue (02): 127-129. doi: 10.3969/j.issn.1000-3428.2007.02.044

• 安全技术 • 上一篇    下一篇

一种基于反向确认的DDoS攻击源追踪模型

荆一楠,屠 鹏,王雪平,张根度   

  1. (复旦大学计算机信息与技术系,上海 200433)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2007-01-20 发布日期:2007-01-20

Reverse-validation-based IP Traceback Scheme Against DDoS Attacks

JING Yinan, TU Peng, WANG Xueping, ZHANG Gendu   

  1. (Department of Computing Information and Technology, Fudan University, Shanghai 200433)
  • Received:1900-01-01 Revised:1900-01-01 Online:2007-01-20 Published:2007-01-20

摘要: 在分析高级随机包标记算法(AMS)的基础上,提出了一种基于反向确认的攻击源追踪模型,该模型不再需要AMS过强的假设前提。同时为了弥补其他自适应算法的不足,提出一种自适应边标记算法。理论分析和实验结果证明该算法不仅收敛时间短,而且比AMS算法更稳定。

关键词: 分布式拒绝服务攻击, 攻击源追踪, 随机包标记

Abstract: On the basis of analysis about advanced marking scheme(AMS), a reverse-validation IP traceback scheme is proposed, which no longer requires the too strong assumption of AMS. In order to improve other adaptive algorithms, an adaptive edge marking scheme (AEMS) is proposed. Theoretic analysis and simulation results prove that it can converge more quickly and stably than AMS.

Key words: Distributed denial-of-service attacks, IP traceback, Probabilistic packet marking