一种基于突变理论的域间路由系统BGP-LDoS攻击检测方法  被引量:1

BGP-LDoS Attack Detection Method of Inter Domain Routing System Based on Catastrophe Theory

在线阅读下载全文

作  者:苗甫 王振兴[1] 郭毅[1] 张连成[1] 王禹[1] MIAO Fu;WANG Zhenxing;GUO Yi;ZHANG Liancheng;WANG Yu(Information Engineering University,Zhengzhou 450001,China)

机构地区:[1]信息工程大学,河南郑州450001

出  处:《信息工程大学学报》2019年第4期452-460,共9页Journal of Information Engineering University

基  金:国家自然科学基金资助项目(61402525,61402526,61472215,61502528);国家863计划资助项目(2012AA012902)。

摘  要:近年来针对域间路由系统的安全威胁日益严峻,特别是针对域间路由系统的大规模低速率拒绝服务攻击(Low-rate DoS against BGP Sessions,BGP-LDoS)能够通过引起级联失效,造成域间路由系统的整体瘫痪。分析域间路由系统在BGP-LDoS攻击威胁下的状态突变过程,提出一种基于突变级数的域间路由系统BGP-LDoS攻击检测方法ADCT。学习正常和异常情况下的系统状态样本,利用5种强表征性的统计特征构建系统正常和异常运行时的平衡曲面。监控系统运行状态,计算系统当前偏离正常和异常平衡曲面的距离,以判断系统是否面临BGP-LDoS攻击。实验结果表明,方法仅需要监控系统中少量的关键链路和节点即可有效检测BGP-LDoS攻击。In recent years,the security problems of the inter domain routing system is becoming more and more serious.A large-scale low rate denial of service attack against BGP Sessions(BGP-LDoS)can trigger a wild range of cascading failure and cause the overall paralysis of inter domain routing system.To end this,we analyze the inter domain state mutation process under the BGP-LDoS attack,and propose a BGP-LDoS attack detection method based on the catastrophe theory(ADCT).Through systematic study of state samples of normal and abnormal conditions,five typical statistical characteristics are chosen to establish the normal and abnormal state of equilibrium surface.Then the running state of the system is monitored using the point mutation transition function and the mutation distance threshold.Since the mutation distance represents the system deviation from the normal state,we can use the BGP-LDoS attack threshold to detect attacks.The experimental results show that the method can get good detection ability by monitoring only a few links and nodes.

关 键 词:域间路由 低速率拒绝服务 突变理论 攻击预警 网络安全 

分 类 号:TP393[自动化与计算机技术—计算机应用技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象