通信学报2017,Vol.38Issue(z1):19-24,6.DOI:10.11959/j.issn.1000-436x.2017230
抵御DoS攻击的端信息跳变Web插件机制
Web plug-in paradigm for anti-DoS attack based on end hopping
摘要
Abstract
The end hopping technology is a proactive network defense technology proposed to mitigate the network at-tack. By changing the IP address, port and other information in the communication pseudo-randomly to achieve the pur-pose of confusing the attacker. The plug-in mechanism based on the end hopping technology was introduced, and it was applied to the field of Web protection. This plug-in was designed to confuse and interfere with attackers. The plug-in model was divided into two working modes, which are non-end-hopping mode and end hopping mode. The plug-in ac-cording to the instructions of the UDP spokesman to switch its own work mode and when the communication link is safe and reliable, it choose the fist mode which can reduce the cost of services. Another, when the network is attacked, the plug-in switches to the end hopping mode to ensure the safety of communications.The experimental results show that the plug-in mechanism based on end hopping has high service and security performance under SYN Flood attack and UDP Flood attack.关键词
网络安全/主动防御/端信息跳变/Web插件/DoS攻击Key words
network security/active defense/end hopping/Web plug-in/DoS attack分类
信息技术与安全科学引用本文复制引用
石乐义,孙慧,崔玉文,郭宏彬,李剑蓝..抵御DoS攻击的端信息跳变Web插件机制[J].通信学报,2017,38(z1):19-24,6.基金项目
国家自然科学基金资助项目(No.61772551) (No.61772551)
青岛市科技计划基金资助项目(No.15-9-1-79-jch)The National Natural Science Foundation of China (No.61772551), The Science and Technology Plan of Qing-dao (No.15-9-1-79-jch) (No.15-9-1-79-jch)
