网络服务DDoS攻击主动防御框架  被引量:5

Active defense framework of network service DDoS attacks

在线阅读下载全文

作  者:柴新忠 李凯 龚梦瑶 赵原 CHAI Xin-zhong;LI Kai;GONG Meng-yao;ZHAO Yuan(Infrastructure System Department,Shanghai Zhongchuan NERC-SDT Limited Company,Shanghai 200235,China;Military Ship Department 2,Marine Design and Research Institute of China,Shanghai 200021,China)

机构地区:[1]上海中船船舶设计技术国家工程研究中心有限公司基础设施部,上海200235 [2]中国船舶及海洋工程设计研究院军船二部,上海200021

出  处:《计算机工程与设计》2021年第10期2770-2775,共6页Computer Engineering and Design

摘  要:为高效保护在线网络服务,提出一种基于动目标防御的主动防御框架,其通过周期性地重组网络服务系统中接入用户和反向代理服务器之间的网络连接来保证系统的安全性,这就是所谓的“洗牌”。通过这种方式,恶意用户难以对系统进行分布式拒绝服务(DDoS)攻击,但动目标防御也带来了巨大的资源消耗,阻碍了其大规模的应用与推广。为解决上述问题,提出一种面向在线网络服务DDoS攻击的智能化主动防御框架DQ-MOTAG,将深度强化学习与动目标防御进行结合。设计一个算法生成每个洗牌周期的最优持续时间,指导后续的洗牌过程。进行一系列实验验证DQ-MOTAG与现有方法相比,在防御性能、误封率和网络源消耗等方面具有明显的优越性。To efficiently protect online network services,an active defense framework based on moving target defense was proposed,which guaranteed the security of the system by periodically reorganizing the network connection between access users and reverse proxy servers in the network service system,which is called“shuffling”.It is difficult for malicious users to launch distributed denial of service(DDoS)attacks on the system.However,MTD also brings the tremendous resource consumption,which hinders the large-scale application of the MTD system.Therefore,to solve above problem,an intelligent active defense framework was proposed for online network service,named DQ-MOTAG,in which reinforcement learning was combined with MTD.An algorithm was designed to generate the optimal duration of each shuffling cycle,so as to guide the subsequent shuffling process.A series of experiments was carried out.Results show that DQ-MOTAG has obvious advantages in defense performance,false block rate and network source consumption compared with the existing methods.

关 键 词:动目标防御 深度强化学习 自适应策略 DDOS攻击 在线网络服务 

分 类 号:TP393[自动化与计算机技术—计算机应用技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象