防止UPnP拒绝服务攻击的方案

2008 ISECS International Colloquium on Computing, Communication, Control, and Management Pub Date : 2008-08-03 DOI:10.1109/CCCM.2008.162

Jiahui Wang, Liang He, Zili Zhou

{"title":"防止UPnP拒绝服务攻击的方案","authors":"Jiahui Wang, Liang He, Zili Zhou","doi":"10.1109/CCCM.2008.162","DOIUrl":null,"url":null,"abstract":"Denial of service (DoS) attack can be easily launched for the simple service discovery Protocol (SSDP) on Universal Plug and Play (UPnP). This paper proposes a novel DoS defense scheme on UPnP. The connection between UPnP devices and attack nodes will be limited, and the useless descriptions received by the UPnP control points will be filtered through setting packet-filter with traffic anomaly detection on the active nodes and rule-based XML firewall on the UPnP control points. Finally, the paper analyzes the performance of this scheme, which shows its particular advantages.","PeriodicalId":326534,"journal":{"name":"2008 ISECS International Colloquium on Computing, Communication, Control, and Management","volume":"16 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-08-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Scheme to Prevent Denial of Service Attacks on UPnP\",\"authors\":\"Jiahui Wang, Liang He, Zili Zhou\",\"doi\":\"10.1109/CCCM.2008.162\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Denial of service (DoS) attack can be easily launched for the simple service discovery Protocol (SSDP) on Universal Plug and Play (UPnP). This paper proposes a novel DoS defense scheme on UPnP. The connection between UPnP devices and attack nodes will be limited, and the useless descriptions received by the UPnP control points will be filtered through setting packet-filter with traffic anomaly detection on the active nodes and rule-based XML firewall on the UPnP control points. Finally, the paper analyzes the performance of this scheme, which shows its particular advantages.\",\"PeriodicalId\":326534,\"journal\":{\"name\":\"2008 ISECS International Colloquium on Computing, Communication, Control, and Management\",\"volume\":\"16 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2008-08-03\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2008 ISECS International Colloquium on Computing, Communication, Control, and Management\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CCCM.2008.162\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2008 ISECS International Colloquium on Computing, Communication, Control, and Management","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CCCM.2008.162","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

摘要

针对UPnP (Universal Plug and Play)上的简单服务发现协议SSDP (simple service discovery Protocol)，容易发起DoS (Denial of service)攻击。提出了一种新的基于UPnP的DoS防御方案。UPnP设备与攻击节点之间的连接将受到限制，UPnP控制点接收到的无用描述将通过在主节点上设置流量异常检测包过滤和在UPnP控制点上设置基于规则的XML防火墙进行过滤。最后对该方案的性能进行了分析，显示了其独特的优点。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Scheme to Prevent Denial of Service Attacks on UPnP

Denial of service (DoS) attack can be easily launched for the simple service discovery Protocol (SSDP) on Universal Plug and Play (UPnP). This paper proposes a novel DoS defense scheme on UPnP. The connection between UPnP devices and attack nodes will be limited, and the useless descriptions received by the UPnP control points will be filtered through setting packet-filter with traffic anomaly detection on the active nodes and rule-based XML firewall on the UPnP control points. Finally, the paper analyzes the performance of this scheme, which shows its particular advantages.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2008 ISECS International Colloquium on Computing, Communication, Control, and Management

自引率

0.00%

发文量