服务跳转时DoS回避机制

2007 IFIP International Conference on Network and Parallel Computing Workshops (NPC 2007) Pub Date : 2007-09-18 DOI:10.1109/NPC.2007.59

Leyi Shi, Chunfu Jia, Shuwang Lu

{"title":"服务跳转时DoS回避机制","authors":"Leyi Shi, Chunfu Jia, Shuwang Lu","doi":"10.1109/NPC.2007.59","DOIUrl":null,"url":null,"abstract":"Motivated by frequency hopping for military environment, this paper introduces a DoS/DDoS evading paradigm through service hopping technique, which changes the service information such as port number or network address pseudo-randomly. A skeleton of DoS evading is established upon hopping tactic. Thereafter, theoretical analysis of evading performance is carried out; experimental validation is well performed on a centralized hopping prototype and a distributed system. Our study shows that faster tactic of port and address hopping can be able to provide better service under DoS attacks; however, excessively faster scheme would cause much service problem because of transmission delay and traffic jam.","PeriodicalId":278518,"journal":{"name":"2007 IFIP International Conference on Network and Parallel Computing Workshops (NPC 2007)","volume":"122 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-09-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"11","resultStr":"{\"title\":\"DoS Evading Mechanism upon Service Hopping\",\"authors\":\"Leyi Shi, Chunfu Jia, Shuwang Lu\",\"doi\":\"10.1109/NPC.2007.59\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Motivated by frequency hopping for military environment, this paper introduces a DoS/DDoS evading paradigm through service hopping technique, which changes the service information such as port number or network address pseudo-randomly. A skeleton of DoS evading is established upon hopping tactic. Thereafter, theoretical analysis of evading performance is carried out; experimental validation is well performed on a centralized hopping prototype and a distributed system. Our study shows that faster tactic of port and address hopping can be able to provide better service under DoS attacks; however, excessively faster scheme would cause much service problem because of transmission delay and traffic jam.\",\"PeriodicalId\":278518,\"journal\":{\"name\":\"2007 IFIP International Conference on Network and Parallel Computing Workshops (NPC 2007)\",\"volume\":\"122 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2007-09-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"11\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2007 IFIP International Conference on Network and Parallel Computing Workshops (NPC 2007)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/NPC.2007.59\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2007 IFIP International Conference on Network and Parallel Computing Workshops (NPC 2007)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NPC.2007.59","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 11

摘要

以军事环境下的跳频为动力，提出了一种利用服务跳频技术的DoS/DDoS规避范例，该方法随机改变端口号或网络地址等服务信息。在跳跃战术的基础上建立了DoS的躲避骨架。然后，对规避性能进行了理论分析;在集中式跳变原型和分布式系统上进行了实验验证。研究表明，在DoS攻击下，更快的端口和地址跳转策略可以提供更好的服务;但是，速度过快的方案会造成传输延迟和交通堵塞等业务问题。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

DoS Evading Mechanism upon Service Hopping

Motivated by frequency hopping for military environment, this paper introduces a DoS/DDoS evading paradigm through service hopping technique, which changes the service information such as port number or network address pseudo-randomly. A skeleton of DoS evading is established upon hopping tactic. Thereafter, theoretical analysis of evading performance is carried out; experimental validation is well performed on a centralized hopping prototype and a distributed system. Our study shows that faster tactic of port and address hopping can be able to provide better service under DoS attacks; however, excessively faster scheme would cause much service problem because of transmission delay and traffic jam.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2007 IFIP International Conference on Network and Parallel Computing Workshops (NPC 2007)

自引率

0.00%

发文量