| 一种基于历史信任数据的DDOS防御模型 |
| |
| 引用本文: | 李金良,王文国,何裕友.一种基于历史信任数据的DDOS防御模型[J].微机发展,2007,17(7):160-162. |
| |
| 作者姓名: | 李金良 王文国 何裕友 |
| |
| 作者单位: | 曲阜师范大学计算机科学学院 山东日照276826 |
| |
| 基金项目: | 国家人事部高层次留学人员回国工作资助项目(国人部发[2004]61号) |
| |
| 摘 要: | 分布式拒绝服务攻击给网络安全和网络服务质量带来了巨大的威胁。通过对分布式拒绝服务攻击原理及现有防御措施的分析,为了更有效防御这类攻击的发生,可以考虑在边界路由器上建立一种基于历史信任数据的源地址库的防御模型。该模型以历史信任数据库为依托,通过对异常IP包使用核心无状态公平排队算法进行源地址检测并对其处理结果做出相应的处理,可以有效、快速过滤掉异常的IP包数据,提前防止网络受到分布式拒绝服务攻击的侵害。
|
| 关 键 词: | 分布式拒绝服务攻击 历史信任数据 异常IP包 源地址检测 核心无状态公平排队算法 |
| 文章编号: | 1673-629X(2007)07-0160-03 |
| 修稿时间: | 2006年9月23日 |
A Model Based on Historical Trusted Data to Defense DDOS |
| |
| LI Jin-liang,WANG Wen-guo,HE Yu-you.A Model Based on Historical Trusted Data to Defense DDOS[J].Microcomputer Development,2007,17(7):160-162. |
| |
| Authors: | LI Jin-liang WANG Wen-guo HE Yu-you |
| |
| Abstract: | The distributed denial of service attacks brought an enormous threat to network security and network quality of service.Through analysing principle of distributed denial of service attack and the existing preventive measures,in order to more effectively defend against such attacks,the border routers can be taken to establish a defense model based on historical trusted data of the source address.The model is based on a historical trusted database,and to the abnormal IP used CSFQ source address detection and makes treatment with outcome of the algorithm.The model can be effective,rapid filter abnormal IP packet data,in advance to prevent networks against distributed denial of service attack. |
| |
| Keywords: | DDOS historical trusted data abnormal IP source address detected CSFQ |
| 本文献已被 CNKI 等数据库收录! |
