| 神经网络和IP标记在DDoS攻击防御中的应用 |
| |
| 引用本文: | 唐林,唐治德,马超.神经网络和IP标记在DDoS攻击防御中的应用[J].计算机仿真,2008,25(2):149-152. |
| |
| 作者姓名: | 唐林 唐治德 马超 |
| |
| 作者单位: | 重庆大学电工新技术教育部重点实验室,重庆,400044 |
| |
| 摘 要: | DDoS(Distributed Denial of Service)攻击是在传统的DoS攻击上产生的新的网络攻击方式,是Internet面临的最严峻威胁之一,这种攻击带来巨大的网络资源消耗,影响正常的网络访问.DDoS具有分布式特征,攻击源隐蔽,而且该类攻击采用IP伪造技术,不易追踪和辨别.任何网络攻击都会产生异常流量,DDoS也不例外,分布式攻击导致这种现象更加明显.主要研究利用神经网络技术并借助IP标记辅助来甄别异常流量中的网络数据包,方法是:基于DDoS攻击总是通过多源头发起对单一目标攻击的特点,通过IP标记技术对路由器上网路包进行标记,获得反映网络流量的标记参数,作为神经网络的输入参数相量;再对BP神经网络进行训练,使其能识别DDoS攻击引起的异常流量;最后,训练成熟的神经网络即可在运行时有效地甄别并防御DDoS攻击,提高网络资源的使用效率.通过实验证明了神经网络技术防御DDoS攻击是可行和高效的.
|
| 关 键 词: | 分布式拒绝服务攻击 异常流量 神经网络 网络包标记 |
| 文章编号: | 1006-9348(2008)02-0149-04 |
| 收稿时间: | 2007-01-27 |
| 修稿时间: | 2007-02-02 |
Application of Neural Network and IP Marking in DDoS Attack Defence |
| |
| TANG Lin,TANG Zhi-de,MA Chao.Application of Neural Network and IP Marking in DDoS Attack Defence[J].Computer Simulation,2008,25(2):149-152. |
| |
| Authors: | TANG Lin TANG Zhi-de MA Chao |
| |
| Abstract: | DDoS attack, one of the serious menaces to Internet security at present, is originated from DoS attacks. It would be very serious once the network was intruded and attacked by DDoS attack. This attack will cause huge consumption of the resources of network, and block the legitimate traffic. It is diffcult to detect the attack sources because DDoS attacks are distributed on the network. Furthermore these kinds of attacks use IP spoofing, of which fraud IP addresses are forged to hide packer originators and conceal attackers. This attack will cause abnormal traffic and the abnormal traffic will be even obvious when the attack is from distributed sources. So, the approach proposed is to find the network anomalies by using neural network, with the assist of flexible deterministic packer marking. The experimental results show that this approach can be used to defend DDoS attack effectively. |
| |
| Keywords: | DDoS attack Abnormal traffic Neural networks IP marking |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
