| 网络入侵检测系统的拒绝服务攻击的检测与防御 |
| |
| 引用本文: | 孙钦东,张德运,高鹏,张晓.网络入侵检测系统的拒绝服务攻击的检测与防御[J].西安交通大学学报,2004,38(2):132-135. |
| |
| 作者姓名: | 孙钦东 张德运 高鹏 张晓 |
| |
| 作者单位: | 西安交通大学电子与信息工程学院,710049,西安 |
| |
| 基金项目: | 国家信息化计算机网络与信息安全基金资助项目 (2 0 0 1 -研 1 - 0 1 0 ) |
| |
| 摘 要: | 针对网络入侵检测系统的拒绝服务攻击(DOS)具有难于检测与防御的特点,提出了一种新颖的检测与防御算法。该算法通过分析告警的频率与分散度来检测DOS攻击,并采用分阶段切换的方式将状态检测由正常模式转为紧急模式,丢弃不属于正常TCP会话的数据包,以实现对DOS的防御。性能分析和实验结果表明,该算法能够及时发现、防御DOS攻击,有效地阻止DOS攻击所造成的系统破坏。
|
| 关 键 词: | 入侵检测 拒绝服务攻击 状态检则 |
| 文章编号: | 0253-987X(2004)02-0132-04 |
| 修稿时间: | 2003年4月23日 |
Detecting and Defeating Denial-of-Service Attacks on Network Intrusion Detection Systems |
| |
| Sun Qindong,Zhang Deyun,Gao Peng,Zhang Xiao.Detecting and Defeating Denial-of-Service Attacks on Network Intrusion Detection Systems[J].Journal of Xi'an Jiaotong University,2004,38(2):132-135. |
| |
| Authors: | Sun Qindong Zhang Deyun Gao Peng Zhang Xiao |
| |
| Abstract: | Aiming at the characterstic of denial-of-service (DOS) attacks, a novel algorithm is proposed to detect and defeat DOS attacks. Through analyzing the frequency and dispersion of alerts, the DOS attacks are detected. To defeat the attacks, the stateful inspection is switched from normal mode to emergency mode by the staged switch method and packets that don't belong to a normal TCP session are dropped. Performance analysis and experiments demonstrate that the algorithm can discover the DOS attacks in time and effectively protect network intrusion detection systems. |
| |
| Keywords: | intrusion detection denial-of-service attacks stateful inspection |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
