检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:常志鹏
机构地区:[1]宁夏医科大学现代教育技术中心,宁夏银川750001
出 处:《计算机仿真》2018年第2期287-290,424,共5页Computer Simulation
基 金:宁夏回族自治区2017年研究生教育创新项目:基于MOOC的医学研究生协作创新能力的研究(YXW201716)
摘 要:在高速网络环境下对攻击源的追踪标记,有利于更好、更高效地防范此类攻击对网络用户和服务器的攻击,消除高速网络安全隐患。针对现有的攻击源追踪标记方法推测攻击路径需要过多的网络数据包,存在难以快速重构攻击路径和防御攻击者伪造攻击,路由器的转发性能较差的问题,提出一种高速网络环境下可控攻击源追踪标记方法。根据网络路由器节点当前流量统计,在短时域内推测出高速网络环境下主要攻击路径。采用随机标注方法依据主要攻击路径IP报文中的选项资源,以概率将流经网络路由器的IP地址标记报文,再依据流量包的幸存时间推断路由器与攻击源之间的距离,针对各个路由标记域独立地执行概率标记,受害目标可根据接收的路由标记信息实现转发路径的重构以及攻击源识别。实验结果表明,上述方法可以使受害者使用更少的数据包重构出攻击路径,在处理伪造数据包IP地址、路由器转发率上优势明显,减少了高速网络攻击带来的危害。A tracking mark method of controllable attack sources in high - speed network environment is pro- posed. According to the current traffic statistics of nodes in network router, the main attack path in high speed net- work environment is deduced in short time domain. Based on option resources in attack path IP message, the random tagging method is used to mark message with IP address flowing through network router. Then, the distance between the router and the attack source is inferred according to survival time of traffic packet. Aiming at each tag field of router, the probability tag is performed independently. Thus, the victim target can realize reconstruction of forwarding path and identification of attack source according to the received routing tag information. Simulation results show that the proposed method can make victims reconstruct the attack path with fewer packets, which has obvious advantage in processing the forged packet IP address and router forwarding rate. Thus, the harm caused by high - speed network attacks is reduced.
分 类 号:TP391[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.33