计算机科学 ›› 2014, Vol. 41 ›› Issue (7): 58-61.doi: 10.11896/j.issn.1002-137X.2014.07.011
施江勇,鲜明,王会梅,刘建
SHI Jiang-yong,XIAN Ming,WANG Hui-mei and LIU Jian
摘要: 针对DoS攻击的弱点,降质服务攻击(RoQ)利用常见的 网络或终端系统自适应机制中存在的安全漏洞,通过间歇性地发送高强度攻击脉冲,降低受害者端的服务性能。RoQ攻击的隐蔽性更强,攻击效率更高,同时也给其检测和评估提出了挑战。分析了目前针对RoQ攻击的防范措施,主要有修改协议、攻击流特征检测以及自适应检测修复等。通过构建RoQ攻防的随机Petri网模型,使用SPNP软件仿真得出了服务质量随攻防博弈过程的变化情况,从而对不同防范措施的效果进行评估,为网络战攻防决策提供一些参考。
[1] 鲜明,包卫东,等.网络攻击效果评估导论[M].长沙:国防科技大学出版社,2007 [2] 何炎翔,刘陶.降质服务攻击及其防范方法[M].北京:机械工业出版社,2011 [3] Shevtekar A,Ansari N.Do Low Rate DoS Attacks Affect QoS Sensitive VoIP Traffic [C]∥Proceedings of IEEE International Conference on Communications.2006:2153-2158 [4] Luo Xia-pu,Chang R.On a New Class of Pulsing Denial-of-Service Attacks and the Defense [C]∥Network and Distributed System Security Symposium.2005:926-937 [5] Yu Chen,Kai Hwang.Collaborative detection and filtering ofshrew DDoS attacks using spectral analysis [J].Journal of Parallel and Distributed Computing-Special issue:Security in grid and distributed systems,2006,66(9):1137-1151 [6] Sun H,Lui J C S,Yau D K Y.Defense against low-rate TCP attacks:dynamic detection and protection[C]∥Proceedings of the 12th IEEE International Conference on Network Protocols.2004:196-205 [7] He Yan-xiang,Cao Qiang,Liu Tao,et al.A Low-Rate DoS Detection Method Based on Feature Extraction Using Wavelet Transform [J].Journal of Software,2009,20(4):930-941 [8] He Yan-xiang,Zhong Hai,Liu Tao,et al.Support Vector Ma-chine Based Integrated Detection Method for RoQ Attacks [C]∥The 3rd VARA.Huangshan,2010:167-178 [9] Zhang Jing,Liu Bo,Hu Hua-ping,et al.Simulation and Analysis of Quiet DDOS Attacks [J].Instrumentation,Measurement,Circuits and Systems Advances in Intelligent and Soft Computing,2012,127:71-81 [10] Tang Ya-juan.Countermeasures on Application Level Low-Rate Denial-of-Service Attack [J].Information and Communications Security Lecture Notes in Computer Science,2012,7618:70-80 |
No related articles found! |
|