检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
机构地区:[1]南京理工大学计算机科学与技术学院,南京210094 [2]沈阳炮兵学院自行火炮系,沈阳110162
出 处:《计算机应用》2009年第11期2964-2968,共5页journal of Computer Applications
基 金:国防科工委应用基础资金资助项目(JI300D004)
摘 要:现有网络中网络地址转换(NAT)的存在使得其后网络中的主机对外部网络变得不可见,IPv6庞大的地址空间也使得攻击者利用传统的随机地址扫描策略很难找到有漏洞主机。概述当前DDoS攻击的基本原理,具体分析了随着因特网体系结构的变化,网络NAT等设施的出现对DDoS攻击所带来的影响。针对传统理论在研究DDoS攻击过程中的一些不足,提出了一种基于搜索引擎技术和Teredo服务的新型扫描策略,以及对NAT后主机实施DDoS攻击的具体方法。仿真实验证明这种新型DDoS入侵攻击更加有效,对复杂网络环境的适应性也更强。The technology of Network Adress Translator (NAT) is widely used in the Internet. With this technology, computers set behind the NAT are separated to the external net. Attacker can hardly find and invade those computer behind the NAT by the conventional technique. Some principles of DDoS attack were briefly introduced and a concrete analysis about the effect of NAT on DDoS attack was given. To overcome the weakness of traditional mode in describing the propagation of DDoS attack, a new scanning strategy based on the Teredo technology and search engines was presented. Attacker could more rapidly invade computers set behind the NAT and use those computers more efficiently to actualize the DDoS attack. Compared with the conventional invasive methods, the simulation results show that the new method is more effective and feasible.
关 键 词:网络地址转换 Teredo服务 搜索引擎 bubble-to-open程序
分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.229