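Abstract
DOS (Denial of Service)/DDOS (Distributed Denial of Service) network attacks not only cause trouble for the attacked target but also seriously disturb other traffic that shares the network with it. Using active networks to add some computing functions to every intermediate node (routing nodes, switches, etc.), this paper proposes a system of mechanisms for defending against and controlling DOS/DDOS attacks. The system consists mainly of the following three mechanisms: a cluster-based automatic identification and control mechanism, a cluster-based active notification and tracing mechanism, and an administrative-domain-based control cooperation mechanism. The cluster-based automatic identification and control mechanism comprises a policy for identifying DOS/DDOS attack clusters and a rate-limiting policy for controlling them. The cluster-based active notification and tracing mechanism notifies upstream active nodes of the characteristics of these attack clusters and causes them to activate their local rate-limiting policies. In experiments, the system was able to effectively prevent and control DOS/DDOS attacks.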
DOS (denial-of-service)/DDOS (distributed denial-of-service) network attacks not only harm the attacked target but also disturb other flows that share the same network with it. By adding computing functions to every intermediate node (router, switch), a system of mechanisms for defending against and controlling DOS/DDOS attacks, based on active networks, is proposed. The system is composed of three mechanisms: a cluster-based automatic identification and control mechanism, a cluster-based active notification and trace mechanism, and an administration-domain-based control cooperation mechanism. The cluster-based automatic identification and control mechanism includes an identification policy for attack clusters and a rate-limit policy for controlling them. The cluster-based active notification and trace mechanism notifies upstream active nodes of the characteristics of the attack clusters and activates their local rate-limit policies. With this system, DOS/DDOS attacks were effectively prevented and controlled in laboratory experiments.
Source
Journal of Beijing University of Aeronautics and Astronautics (《北京航空航天大学学报》)
EI
CAS
CSCD
PKU Core
2004, Issue 11, pp. 1033-1037 (5 pages)
Keywords
DOS/DDOS attack
Active network
Cluster
Active networks
Computer crime
Computer networks
Identification (control systems)
Mechanisms
Recovery