Journal on Communications (通信学报)
• Academic Communication •
陶建喜1,3,4,周立2,周舟1,4,杨威1,4,刘庆云1,4,杨嵘1,4
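Abstract (translated from Chinese): To address the problem that existing network security facilities cannot effectively defend against large-volume SYN flood attacks in asymmetric routing environments, SYN flood attack detection techniques and TCP connection management strategies are studied, and a defense method is proposed that combines lightweight attack detection with a hybrid connection management strategy. The method uses the proportion of SYN packets and the entropy of destination addresses to detect attacks and, according to the detection result, switches flexibly between a SYN-based connection management strategy and a data-based connection management strategy. Experiments show that this defense method effectively reduces the impact of SYN flood attacks on network security facilities.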
Abstract: To address the problem that existing network security facilities cannot defend against large-scale SYN flood attacks in asymmetric routing environments, attack detection technology and connection management strategies were studied, and a defense architecture combining a lightweight detection method with a hierarchical connection management strategy is presented. The detection method uses the SYN packet rate and destination IP address entropy, and the hierarchical connection management strategy consists of a method based on SYN packets and a method based on data packets. Experimental results show that the proposed method can mitigate the impact of SYN flood attacks.
陶建喜, 周立, 周舟, 杨威, 刘庆云, 杨嵘. Defense method against SYN flood attacks in asymmetric routing environments [J]. Journal on Communications.
Link to this article: https://www.infocomm-journal.com/txxb/CN/
https://www.infocomm-journal.com/txxb/CN/Y2013/V34/IZ1/38