网络攻击源追踪技术研究综述  被引量:18

On the Survey of Network Attack Source Traceback

在线阅读下载全文

作  者:姜建国[1,2] 王继志 孔斌 胡波[1,2] 刘吉强[4] JIANG Jianguo;WANG Jizhi;KONG Bin;HU Bo;LIU Jiqiang(Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China;School of Cyber Security, University of Chinese Academy of Sciences Beijing 100093, China;Shandong Computer Science Center (National Supercomputer Center in Jinan), Jinan 250101, China;Beijing Jiaotong University, Beijing 100093, China)

机构地区:[1]中国科学院信息工程研究所,北京中国100093 [2]中国科学院大学网络空间安全学院,北京中国100093 [3]山东省计算中心(国家超级计算济南中心),济南中国250101 [4]北京交通大学,北京中国100093

出  处:《信息安全学报》2018年第1期111-131,共21页Journal of Cyber Security

基  金:山东省重大科技创新工程(编号:2017CXGC0704)资助

摘  要:在网络空间中,网络攻击源追踪是指当检测到网络攻击事件发生后,能够追踪定位真正的攻击者的主机,以帮助司法人员对攻击者采取法律手段。近二十年,研究人员对网络攻击源追踪技术进行了大量研究。本文对这些研究进行了综述。首先,明确了问题的定义,不同的攻击场景所采用的追踪技术也有所不同,将问题分为5类:虚假IP追踪、Botnet追踪、匿名网络追踪、跳板追踪、局域网追踪,分别总结了相关的研究成果,明确各种方法所适用的场景。最后,将各类方法归纳为4种类型,对比了这4类方法的优缺点,并讨论了未来的研究方向。In cyberspace, the network attack sources traceback is to trace and locate the real hosts owned by attackers after network attack events are detected, so that judicial personals can take some legal action to arrest or prosecute these network attackers. In recently twenty years, there are lots of researches on the issue, which is investigated by the paper.Firstly, the definition of the issue is argued. Since different traceback technologies should be applied on different attack scenarios, the issue can be divided into 5 sub-problems: Spoofing IP Traceback, Botnet Traceback, Anonymous Network Traceback, Step Stone Traceback, and Local Network Traceback. In the 5 sub-problems, all kinds of methods are surveyed and their primitive conditions are discussed. Finally, these methods are sumed up 4 types, whose strengths and weaknesses are compared. Then the future research work is proposed.

关 键 词:网络安全 IP追踪 跳板检测 僵尸网络 匿名网络 

分 类 号:TP393.0[自动化与计算机技术—计算机应用技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象