计算机技术与发展 (Computer Technology and Development), 2023, Vol. 33, Issue 12: 143-148, 6. DOI: 10.3969/j.issn.1673-629X.2023.12.020
Research on Application of Anti-traceability Technology Based on Serverless
Abstract
As the network gradually becomes the main battlefield of ideological competition, the technical means of both attackers and defenders are increasingly refined in a continuous game. Existing anti-traceability means cannot evade the defender's multi-dimensional, multi-technology traceability means, and are more likely to be countered by the defender. We propose an application idea for anti-traceability technology based on Serverless, which uses the event-driven and auto-scaling features of Serverless so that users automatically call IP addresses in different areas when requesting the target, thereby hiding their own real IP address. At the same time, because Serverless separates application development from the server, attackers can write attack code directly, which is more conducive to hiding identity. Feasibility is tested and verified using the cloud function in Serverless together with CobaltStrike software. It is found that this approach hides the source of the attack well and that the defender cannot trace the real source of the attack. From the defender's perspective, the traffic characteristics are analyzed in detail, and an attack detection model is built on two dimensions: characteristic values and access statistical characteristics. By simulating actual attack behavior and normal business behavior, it is verified that the detection model detects the attack behavior well and can distinguish it from normal business behavior. To some extent, it can reduce false alarms, reduce the impact on normal business, improve the efficiency of handling security events, and provide a detection idea for the defender's intrusion detection.

Keywords: network attack-defense / attack traceability / anti-traceability / Serverless / attack detection

Classification: Information Technology and Security Science

Cite this article: 韩杰, 冯美琪, 李建欣. Research on Application of Anti-traceability Technology Based on Serverless [J]. 计算机技术与发展 (Computer Technology and Development), 2023, 33(12): 143-148, 6.

Funding: National Key Research and Development Program of China (2021YFB3101900)