跳到主要內容

臺灣博碩士論文加值系統

(44.200.27.215) 您好!臺灣時間:2024/04/15 03:57
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示

我願授權國圖
: 
twitterline
研究生:章思喬
研究生(外文):Ssu-chiao Chang
論文名稱:單一封包IP反向追蹤之標記法
論文名稱(外文):A Marking Scheme for Single-PacketIP Traceback
指導教授:何緯華
指導教授(外文):wei-hua He
學位類別:碩士
校院名稱:東吳大學
系所名稱:資訊科學系
學門:工程學門
學類:電資工程學類
論文種類:學術論文
論文出版年:2006
畢業學年度:94
語文別:中文
論文頁數:23
中文關鍵詞:IP反向追蹤阻絕服務分散式阻絕服務
外文關鍵詞:IP tracebackdenial-of-servicedistributed denial-of-service
相關次數:
  • 被引用被引用:0
  • 點閱點閱:227
  • 評分評分:
  • 下載下載:0
  • 收藏至我的研究室書目清單書目收藏:0
由於IPv4架構上的脆弱性,使得攻擊者能夠假冒封包的來源,因此需要IP反向追蹤技術來找出攻擊者的真實來源。目前的IP反向追蹤技術可以分為兩大類,一類是靠著大量的封包來建立阻絕服務(denial-of-service, DoS)或分散式阻絕服務(distributed denial-of-service, DDoS)攻擊路徑,另ㄧ類則是只需要單一封包即可追蹤攻擊的來源。本論文的方法是屬於只需使用單一封包即可達到IP反向追蹤。本論文方法是以Snoeren等人的方法為基礎,以跳躍的方式記錄彙記(digest),而不是每個經過的路由器都記錄彙記,使得記錄彙記的花費減少近乎一半。藉由額外記錄封包所經過的路由器資訊,將建構攻擊路徑所產生的錯誤節點數目大量的降低。整體而言,是一個有較低儲存花費及較少錯誤攻擊節點的單一封包IP反向追蹤方法。
According to the fragility on IPv4 structure, the attacker is able to imitate the source of the packet. So, we need the IP traceback technology to find out the attacker’s true source. IP traceback technology can be divided into two categories: one kind is to locate the origin of denial-of-service or distributed denial-of-service by numerous packets, the other can trace the attack source by a single packet. Our method only needs to use the single packet to support IP traceback. That is based on Snoeren et al.’s scheme, but records the digest of a packet by way of jumping. This means not all routers record the digest. Compared with Snoeren et al.’s scheme, the proposed method can half reduce the storage. The router records extra packet information that can reduce the number of error nodes upon locating the origin attack. In general, our method is the single IP traceback that has lower storage cost and error nodes.
誌謝 i
摘要 ii
Abstract iii
目錄 iv
表目錄 v
圖目錄 vi
圖目錄 vi
1. 緒論 7
1.1 研究背景與動機 7
1.2 研究目的 7
1.3 論文架構 8
2. 相關研究 9
3. 反向追蹤之標記法 13
3.1 標記法完整架構 13
3.2 IP反向追蹤 16
3.3 本論文方法與IPv6相關探討 17
4. 分析 19
5. 結論及未來展望 21
參考文獻 22
[1]Bellovin, S.M., Leech, M. and Taylor, T., “ICMP traceback messages,” IETF, Internet Draft, draft-ietf-itrace-01.txt (work in progress), 2001.
[2]Bloom, B., “Space/time trade-offs in hash coding with allowable errors,” Communications of ACM, Vol. 13, No. 7, pp. 422-426, 1970.
[3]Cooperative association for internet data analysis (CAIDA), http://www.caida.org/tools/measurement/iffinder.
[4]Deering, S. and Hinden, R. Internet Protocol, Version 6 (IPv6) Specification, 1998. RFC 2460
[5]Gong, C. and Sarac, K., “IP traceback based on packet marking and logging,” IEEE International Conference on Communications, No. 1, pp. 1043-1047, 2005.
[6]Goodrich, M.T., “Efficient packet marking for large-scale IP traceback,” ACM conference on computer and communications security (CCS), pp. 117-126, 2001.
[7]Li, J., Sung, M., Xu, J., Li, L. and Zhao, Q., “Large-scale IP traceback in high-speed internet: practical techniques and theoretical foundation,” IEEE Symposium on Security and Privacy, pp. 115-129, 2004.
[8]Mankin, A., Massey, D., Wu, C., Wu, S. and Zhang, L., “On design and evaluation of intention-driven ICMP traceback,” IEEE International Conference Computer Communications and Networks, pp. 159-165, 2001.
[9]Peng, T., Leckie, C. and Kotagiri, R., “Adjusted probabilistic packet marking for IP traceback,” Second International IFIP-TC6 Networking Conference, pp. 697-708, 2002.
[10]Savage, S., Wetherall, D., Karlin, A. and Anderson, T., “Practical network support for IP traceback,” ACM Special Interest Group on Data Communications’00, pp. 295-306, 2000.
[11]Savage, S., Wetherall, D., Karlin, A. and Anderson, T., “Network support for IP traceback,” IEEE/ACM Transactions on Networking, Vol. 9, No. 3, pp. 226-237, 2001.
[12]Snoeren, A., Partridge, C., Sanchez, L.,Jones, C., Tchakounito, F., Schwartz, B., Kent, S. and Strayer, W., “Hash-based IP traceback,” ACM Special Interest Group on Data Communications’01, pp. 3-14, 2001.
[13]Snoeren, A., Partridge, C., Sanchez, L.,Jones, C., Tchakounito, F., Schwartz, B., Kent, S. and Strayer, W., “Single-packet IP traceback,” IEEE/ACM Transactions on Networking, Vol. 10, No. 6, pp. 721-734, 2002.
[14]Song, D. and Perrig, A., “Advanced and authenticated marking schemes for IP traceback,” IEEE conference on Computer Communications, No. 1, pp. 878-886, 2001.
[15]Theilmann, W. and Rothermel, K., “Dynamic distance maps of the internet,” IEEE INFOCOM, Vol. 1, pp. 275-284, 2000.
[16]Zhang, L. and Guan, Y., “Topology-aware single message attack traceback,” US Security Convention, pp. 236-237, 2005.
[17]李志堅,「有效的動態機率封包標記」,逢甲大學資訊工程系碩士班碩士論文,2002。
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top