一次性可变概率分片标记及其压缩标记  被引量:2

Scheme for non-repeated varying-probability packet marking and its compressed marking

在线阅读下载全文

作  者:胡汉平[1] 王凌斐[1] 郭文轩[1] 王祖喜[1] 

机构地区:[1]华中科技大学图像识别与人工智能研究所,湖北武汉430074

出  处:《华中科技大学学报(自然科学版)》2007年第3期16-18,共3页Journal of Huazhong University of Science and Technology(Natural Science Edition)

基  金:国家自然科学基金重大研究计划资助项目(90104029)

摘  要:提出了一次性可变概率分片标记方法,即对每一数据包从接入到受害主机的传输路径上的所有路由器至多对其进行一次标记,由此能够避免对任一数据包的重复标记;路由器根据数据包在网络上传输的距离d以概率1/(33-d)对其进行可变概率标记,使受害主机可等概率地收集到攻击路径中各个路由器标记的数据包.在此基础上,根据传输路径上IP信息的相似性冗余,提出了压缩一次性可变概率分片标记方法.实验结果表明,提出的方法能够消除可变概率标记方法对数据包的重复标记问题,并显著减少反向追踪攻击源所需数据包的数目,提高了对攻击源定位的准确性和实时性.A new packet marking scheme, non-repeated varying-probability packet marking scheme (nRVPPM) is proposed. In the nRVPPM, the packets were marked only one time along the forwarding path, so nRVPPM solved the repeated marking problem. And routers mark a packet with the probability 1/(33-d) according to the distance d the packet has traveled, which makes the victim receive the packets marked by each router with equal probability. The comparability of the IP addresses in a path was used. Another scheme, compressed non-repeated varying-probability packet marking (CnRVPPM) is proposed, which takes an ulterior step in reducing the number of packets required for traceback. The effectiveness of the proposed schemes was calculated through simulation studies. Our studies show that the proposed schemes offer high precision and efficiency, can dramatically reduce the number of packets that is required for the traceback process.

关 键 词:反向追踪 概率标记 分片标记 可变概率标记 重复标记 

分 类 号:TP393[自动化与计算机技术—计算机应用技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象