###
DOI:
Journal of Software:2003.14(5):1005-1010

通过自适应随机数据包标记实现实时IP回溯
梁丰,赵新建
(浙江工业大学浙江省光纤通信技术重点实验室,浙江,杭州,310014)
Real Time IP Traceback with Adaptive Probabilistic Packet Marking
LIANG Feng,ZHAO Xin-Jian
()
Abstract
Chart / table
Reference
Similar Articles
Article :Browse 2776   Download 3107
Received:January 07, 2002    Revised:August 27, 2002
> 中文摘要: 随机数据包标记(PPM)是对拒绝服务攻击进行IP回溯的一种实用而有效的方法.提供了一种自适应的PPM算法:一个路由器按一个与路过的数据包已传输距离自适应的概率标记该数据包,从而被攻击者可以以最短的收敛时间重构一个攻击路径.通过一个新的称为标注片段编码的IP重载方案,实现了实时的重构,从而能同时回溯数千条路径.与以前的PPM方案相比,收敛时间减少了50%,同时大大减少了重构计算量和伪证性.
Abstract:Probabilistic packet marking (PPM) is a practical and effective method for IP traceback ofdenial-of-service (DOS) attack. In this paper, an adaptive PPM algorithm is presented: a router marks a passingpacket with a probability which is adaptive to the distance that the packet has traversed, so that a minimumconvergence time for an attacking path can be achieved in the victim. With a new IP header overloading scheme, thelabeled fragment encoding scheme, a real-time reconstruction is provided, so that thousands of paths can be tracedsimultaneously. Compared with previous PPM schemes, a 50% decrease in convergence time is achieved, while thecomputation overhead and false positives in re construction are greatly reduced.
keywords: network security  DDoS  router  IP traceback  PPM
文章编号:     中图分类号:    文献标志码:
基金项目:Supported by the Natural Science Foundation of Zhejiang Province of China under Grant No.602112 (浙江省自然科学基金); theCenter for Education and Research in Information Assurance and Security (CERIAS) Supported by the Natural Science Foundation of Zhejiang Province of China under Grant No.602112 (浙江省自然科学基金); theCenter for Education and Research in Information Assurance and Security (CERIAS)
Foundation items:
Reference text:

梁丰,赵新建.通过自适应随机数据包标记实现实时IP回溯.软件学报,2003,14(5):1005-1010

LIANG Feng,ZHAO Xin-Jian.Real Time IP Traceback with Adaptive Probabilistic Packet Marking.Journal of Software,2003,14(5):1005-1010