检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
机构地区:[1]中国人民公安大学信息技术与网络安全学院,北京102623
出 处:《软件导刊》2018年第1期199-201,共3页Software Guide
基 金:赛尔网络下一代互联网技术创新项目(NGⅡ20160405)
摘 要:在网络攻击日益泛滥的今天,分布式拒绝服务攻击带来的危害持续上升,其中最为典型的就是DRDoS攻击(分布式反射拒绝服务攻击),IPv6网络也面临这样的危险。为了应对DRDoS攻击带来的严峻安全形势,保障下一代互联网通信的健康安全,在IPv4接入网源地址验证的基础上进行了改进。结合IPv6网络特点实现动态过滤,引入域内攻击测试服务器对数据包源地址进行验证。实验结果表明,该方案能有效识别伪造源地址的数据包,进而实现对DDRoS攻击的有效防御。With the increasing proliferation of cyber attacks, the dangers of distributed denial of service attacks continue to rise. Which is currently the most typical is DRDoS attacks (distributed reflex denial of service attacks), IPv6 network is also facing such a danger. In order to deal with the DRDoS attack to bring the severe security situation, to protect the next generation of Internet communication health and safety and stability. In this paper, based on the IPv4 address network source address authentication to improve, combined with the characteristics of IPv6 network to achieve dynamic filtering, and the introduction of do- main attack test server to verify the source address of the packet. Through the experimental results, we can see that the scheme effectively identifies the packets with the source address, and realizes the effective defense of the DDRoS attack.
关 键 词:源地址验证 分布式反射拒绝服务攻击 防御方案 网络安全
分 类 号:TP309[自动化与计算机技术—计算机系统结构]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.68