Authors: YU Ming, CHEN Weidong, ZHOU Xiyuan
Affiliations: [1] School of Communication Engineering, Xidian University, Xi'an 710071, China; [2] The 54th Research Institute of CETC, Shijiazhuang 050081, China
Source: Chinese Journal of Electronics, 2008, No. 1, pp. 141-144 (4 pages); 电子学报 (English edition)
Abstract: An adaptive detection method is proposed to detect SYN flooding attacks at source-end networks. This method can adjust itself to the frequent changes of network conditions. Key features of its design include: (1) creating a detection statistic based on the protocol behavior of TCP SYN-SYN/ACK pairs; (2) forming on-line estimations of the statistical characters of the detection statistic; (3) adjusting its detection threshold according to the variations of network traffic and the latest detection result; (4) decreasing disturbance of random abnormalities in the normal network traffic by consecutive cumulation of threshold violations. Performance analysis and simulation results show the minimum attack traffic that can be detected is about 30% of the legitimate traffic, under the requirements that the probability of false alarms be less than 10^-6, the probability of a miss during an attack be less than 10^-2 and the detection delay be within 7 sampling periods.
Keywords: SYN flooding attacks; Adaptive detection; Source-end defense; Network security
Classification number: TP393.08 [Automation and Computer Technology: Computer Application Technology]