摘要
将分布式拒绝服务攻击视作一种可观察行动的多阶段不完全信息博弈,给出了该博弈的扩展型表示,提出为了达到该博弈的完美贝叶斯均衡,需解决局中人类型的信念计算及修正问题.作为观点的实践,提出一种根据访问速率以及访问流量源地址分布特征对分布式拒绝服务攻击流量进行选择性过滤的方法,并对该方法进行了验证.
As one of the most notorious network attacks, distributed denial-of-service (DDoS) attack is famous for its easiness to launch and difficulty to defend. DDoS attack was regarded as a multistage game of incomplete information with observable actions and its extensive form was given out. It is pointed out that to attain the game's perfect Bayes equilibrium, the problem of computing and modifying the belief value of each player's type must be solved. Asa practice of this viewpoint, a method of filtering attack stream according to its package rate and source address distribution characteristic was proposed. Finally, simulation was given out to demonstrate the effectiveness of the method.
出处
《上海交通大学学报》
EI
CAS
CSCD
北大核心
2008年第2期198-201,共4页
Journal of Shanghai Jiaotong University
基金
国家自然科学基金(60605019
60772098
60672068)资助项目
教育部新世纪优秀人才支持计划(NCET-06-0393)资助项目
关键词
网络攻防
分布式拒绝服务攻击
博弈论
防御
完美贝叶斯均衡
network attack and defense
distributed denial-of-service (DDoS) attack
game theory
defending
perfect Bayes equilibrium