| 基于猜谜机制的增强权证防御技术 |
| |
| 引用本文: | 张会展,金光,李渊,陈征,钱江波.基于猜谜机制的增强权证防御技术[J].宁波大学学报(理工版),2009,22(1):61-65. |
| |
| 作者姓名: | 张会展 金光 李渊 陈征 钱江波 |
| |
| 作者单位: | 宁波大学信息科学与工程学院,浙江,宁波,315211 |
| |
| 基金项目: | 浙江省自然科学基金,浙江省教育厅科学研究项目,宁波市自然科学基金,宁波大学人才工程项目 |
| |
| 摘 要: | 权证机制能有效地防御DoS攻击,但其新引起的拒绝权证攻击则严重地制约了其防御效果,因此针对此类攻击,提出基于猜谜的增强权证请求机制,如果一旦请求信道带宽被耗尽,权证路由器将实施拥塞猜谜策略,向请求权证的所有源主机发送谜题,要求其必须首先解谜,并将答案附于增强请求包中,经路由器验证后才予转发.仿真试验证明:该机制具有较好的防御效果,即使在恶意权证请求严重泛滥的情况下也能保证合法用户高效地获得权证.
|
| 关 键 词: | 网络安全 拒绝服务攻击 权证 拒绝权证请求 拥塞猜谜 |
Puzzle-based Enhanced Capability Defense Technique |
| |
| ZHANG Hui-zhan,JIN Guang,LI Yuan,CHEN Zheng,QIAN Jiang-bo.Puzzle-based Enhanced Capability Defense Technique[J].Journal of Ningbo University(Natural Science and Engineering Edition),2009,22(1):61-65. |
| |
| Authors: | ZHANG Hui-zhan JIN Guang LI Yuan CHEN Zheng QIAN Jiang-bo |
| |
| Institution: | Faculty of Information Science and Technology;Ningbo University;Ningbo 315211;China |
| |
| Abstract: | The Capability mechanism is well known for its effective defense against DoS attacks,but Denial-of-Capability(DoC) attacks may seriously compromise this defense effect.To tackle the problems of DoC attacks,a new scheme called Enhanced Capability Request(ECR) based on puzzle is proposed.Once the request channel is exhausted,capability-enabled routers will implement congestion-puzzle mechanisms to send puzzles to all clients requesting for riddling.All the clients are expected to solve the puzzles and attach ... |
| |
| Keywords: | internet security denial of service capabilities denial of capability congestion puzzle |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
