检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
作 者:安军科[1]
出 处:《科技通报》2012年第6期106-108,111,共4页Bulletin of Science and Technology
摘 要:低速率拒绝服务攻击利用已有网络协议中自适应机制的漏洞发起攻击,通过周期性的发送短脉冲,造成链路进入间断的拥塞状态,导致网络性能大幅下降。由于LDoS发送的攻击速率较低,因此更具隐蔽性且难以识别。本文分析了LDoS攻击原理及现有检测机制存在的问题,提取了LDoS在周期性攻击中的2个基本特征,并以此作为攻击流的识别依据,提出了一种LDoS攻击检测过滤方法。实验分析表明,在实际的网络环境和仿真环境中,该方法均能有效检测LDoS攻击,降低误报率以及提高路由器的吞吐率。The adaptive mechanism of exisitng network protocols have some defects which can be utilized by low-rate denial of service attack.LDoS periodically sends low-rate pulse,which causes discontinuous link congestion.It is more difficult to recognize and defend because its low-rate feature.We first analyzes the principles of LDoS attack and the status of network by simulation.Then two basic signatures of LDoS attack are extracted as significant basis for our algorithm.At last we propose an improved method to detect and defend the LDoS attack more accurately.It showed better performance in experiments,to recognize LDoS attack effectively and increase the throughput of the link.
分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.222
