###
Journal of Software:2014.25(3):591-605

低速率拒绝服务攻击研究与进展综述
文坤,杨家海,张宾
(清华大学 网络科学与网络空间研究院, 北京 100084;清华信息科学与技术国家实验室筹清华大学, 北京 100084)
Survey on Research and Progress of Low-Rate Denial of Service Attacks
WEN Kun,YANG Jia-Hai,ZHANG Bin
(Institute for the Network Sciences and Cyberspace, Tsinghua University, Beijing 100084, China;Tsinghua National Laboratory for Information Science and Technology Tsinghua University, Beijing 100084, China)
Abstract
Chart / table
Reference
Similar Articles
Article :Browse 4899   Download 3010
Received:July 17, 2012    Revised:November 11, 2013
> 中文摘要: 低速率拒绝服务攻击是新型的拒绝服务攻击,对Internet的安全造成严重的潜在威胁,引起众多研究者的兴趣和重视,成为网络安全领域的重要研究课题之一.自2003年以来,研究者先后刻画了Shrew攻击、降质攻击、脉冲拒绝服务攻击和分布式拒绝服务攻击等多种低速率拒绝服务攻击方式,并提出了相应的检测防范方法.从不同角度对这种新型攻击的基本机理和攻击方法进行了深入的研究;对TCP拥塞控制机制进行了安全性分析,探讨了引起安全问题的原因;对现有的各种各样的LDoS攻击防范和检测方案,从多个方面进行了分类总结和分析评价;最后总结了当前研究中出现的问题,并展望了未来研究发展的趋势,希望能为该领域的研究者提供一些有益的启示.
Abstract:Low-Rate denial of service (LDoS) attack is a new category of denial of service attacks which may become a serious threat to Internet. It has attracted many researchers' interest and is becoming an important research topic in network security area. Since 2003, researchers have revealed several kinds of low-rate denial of service attacks, such as the shrew attack, the reduction of quality (RoQ) attack, the pulsing denial-of-service (PDoS) attack and the distributed low-rate denial of service attacks (DLDoS). They also proposed some corresponding defense and detection methods. This paper thoroughly reviews the state-of-the-art of LDoS attack and prevention research, and also analyzes the basic mechanism and attack methods of different LDoS attacks. Especially, it analyzes the security of TCP congestion avoidance mechanism, and illustrates the cause of potential security issue of such mechanism. In addition, the paper also reviews and evaluates the current LDoS attack prevention and detection approaches. Finally, the paper identifies some open research issues and points out possible future research directions in LDoS attack research area.
文章编号:     中图分类号:    文献标志码:
基金项目:国家重点基础研究发展计划(973)(2009CB320505);国家自然科学基金(61170211,61202356);教育部博士学科点专项基金(20110002110056) 国家重点基础研究发展计划(973)(2009CB320505);国家自然科学基金(61170211,61202356);教育部博士学科点专项基金(20110002110056)
Foundation items:
Reference text:

文坤,杨家海,张宾.低速率拒绝服务攻击研究与进展综述.软件学报,2014,25(3):591-605

WEN Kun,YANG Jia-Hai,ZHANG Bin.Survey on Research and Progress of Low-Rate Denial of Service Attacks.Journal of Software,2014,25(3):591-605