检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:张建川 王伟 ZHANG Jian-chuan WANG Wei(Intemet Domain Name System Beijing Engineering Research Center, Beijing 100190)
机构地区:[1]互联网域名系统北京市工程研究中心,北京100190
出 处:《信息安全与通信保密》2016年第12期50-57,共8页Information Security and Communications Privacy
摘 要:互联网域名系统(DNS)是确保互联网安全稳定运行的逻辑基础设施,但也因其重要性和脆弱性一直是安全攻击的重灾区。近年来,针对域名系统的攻击时有发生,且形式日趋多样化,最近发生的由物联网设备发起的针对Dyn的攻击而导致美国大面积断网就是最新例证。为有效应对类似问题,防止大面积断网事件在中国发生,政府应加强统筹协调,建立涵盖所有相关域名服务机构的高水平联动协调机制。本文从安全意识、体制机制、服务改进、软硬件研发等多个方面提出应对建议。当然,长期而言,DNS协议的改进才是最根本的应对措施,中国互联网社群在这一领域大有可为。As the logical infrastructure that ensures the secure and stable operation of the Intemet, Domain Name System (DNS) has long been the target of various attacks due to its importance and vulnerability. Over the past few years, attacks on DNS have occurred frequently and the means have become increasingly diversified. The latest case was the IoT-based DDoS attack on Dyn' s domain name service, which resulted in massive Internet outages in the United States. To cope with the similar challenge effectively and prevent such massive website outages from happening in China, government should play a leading role in establishing high-level joint coordination mechanisms that cover all the relevant domain name service parties. More specifically, this article suggests the following corrective measures such as security awareness, institutional arrangement, service amelioration, and software and hardware research. In the long run, however, improvement on the DNS protocol serves as the most fundamental measure. The Chinese Internet community should make endless efforts to contribute in this regard.
关 键 词:域名系统 域名解析 DDOS攻击 物联网 联动协调机制
分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.28