基于源目的IP地址对数据库的防范DDos攻击策略
DOI:
作者:
作者单位:

作者简介:

通讯作者:

中图分类号:

基金项目:

Supported by the National Natural Science Foundation of China under Grant No.60572131 (国家自然科学基金); the Key Technologies R&D Program of Jiangsu Province of China under Grant No.BE2007058 (江苏省科技攻关项目); the Scientific Research Foundation of ZTE and Huawei Corporation of China (中兴及华为基金); the Scientific Development Foundation of Government of China (南京市科技发展计划); the Scientific Research Foundation of NUPT of China under Grant Nos.NY206008, NY206050 (南京邮电大学攀登计划及青蓝计划)


Defending DDos Attacks Based on the Source and Destination IP Address Database
Author:
Affiliation:

Fund Project:

  • 摘要
  • |
  • 图/表
  • |
  • 访问统计
  • |
  • 参考文献
  • |
  • 相似文献
  • |
  • 引证文献
  • |
  • 资源附件
  • |
  • 文章评论
    摘要:

    提出了一种基于源目的IP地址对数据库的防范分布式拒绝服务攻击(distributed denial of service attacks,简称DDos)攻击策略.该策略建立正常流量的源目的IP地址对数据库(source and destination IP address database,简称SDIAD),使用扩展的三维Bloom Filter表存储SDIAD,并采用改进的滑动窗口无参数CUSUM(cumulative sum)算法对新的源目的IP地址对进行累积分析,以快速准确地检测出DDos攻击.对于SDIAD的更新,采用延迟更新策略,以确保SDIAD的及时性、准确性和鲁棒性.实验表明,该防范DDos攻击策略主要应用于边缘路由器,无论是靠近攻击源端还是靠近受害者端,都能够有效地检测出DDos攻击,并且有很好的检测准确率.

    Abstract:

    This paper proposes a scheme to defend distributed denial of service attacks (DDos) based on the source and destination IP address database. The scheme establishes the source and destination IP address database (SDIAD) by observing the normal traffic and storages SDIAD in a three dimension Bloom Filter table. Then this paper cumulates and analyses the new pair of source and destination IP address based on the slide non-parametric cumulative sum (CUSUM) algorithm to detect the DDos attacks quickly and accurately. The secheme updates SDIAD by using a delayed update policy to keep SDIAD timely,accurate and robust. This secheme is mainly applied in the edge router and it can detect the DDos attacks efficiently either the edge router or the last-mile router is the first-mile router. The simulation results display that the secheme do a good performance in detecting DDos attacks.

    参考文献
    相似文献
    引证文献
引用本文

孙知信,李清东.基于源目的IP地址对数据库的防范DDos攻击策略.软件学报,2007,18(10):2613-2623

复制
分享
文章指标
  • 点击次数:
  • 下载次数:
  • HTML阅读次数:
  • 引用次数:
历史
  • 收稿日期:2006-06-05
  • 最后修改日期:2006-11-13
  • 录用日期:
  • 在线发布日期:
  • 出版日期:
您是第位访问者
版权所有:中国科学院软件研究所 京ICP备05046678号-3
地址:北京市海淀区中关村南四街4号,邮政编码:100190
电话:010-62562563 传真:010-62562533 Email:jos@iscas.ac.cn
技术支持:北京勤云科技发展有限公司

京公网安备 11040202500063号