首页> 外文会议>Asia-Pacific Conference on Communications >Traceroute-based target link flooding attack detection scheme by analyzing hop count to the destination

【24h】

Traceroute-based target link flooding attack detection scheme by analyzing hop count to the destination

机译：通过分析到目的地的跳数，基于Traceroute的目标链路洪泛攻击检测方案

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Recently, the detection of target link flooding attack which is a new type of DDoS (Distributed Denial of Service) is required. Target link flooding attack is used for disconnecting a specific area from the Internet. It is more difficult to detect and mitigate this attack than legacy DDoS since attacking flows do not reach the target region. Among several schemes for target link flooding attack, the scheme focusing on traceroute is gathering attention. The idea behind that is the attacker needs to send traceroute to investigate the topology around targeted region before attack starts. That scheme detects the attack by finding rapid increase of traceroute. However, it cannot work when attacker's traceroute ratio is low. In this paper, we propose traceroute-based target link flooding attack detection scheme by analyzing hop count to the destination. Since the attacker must choose the link flooded to disconnect the target area, the destinations of attacker's traceroutes are concentrated within several hops from the target link while legitimate user's ones are distributed uniformly. By analyzing the number of traceroutes as per hop counts, the change can be emphasized and the attack symptom might be more easily captured. By computer simulations, we first prove the above hypotheses and show that our scheme has more robustness compared with the conventional scheme.

机译：最近，需要检测目标链路泛洪攻击，这是一种新型的DDoS（分布式拒绝服务）。目标链接泛洪攻击用于将特定区域与Internet断开连接。由于攻击流无法到达目标区域，因此与传统DDoS相比，检测和缓解这种攻击更加困难。在针对目标链路洪泛攻击的几种方案中，以跟踪路由为重点的方案引起了人们的关注。其背后的想法是，攻击者需要在攻击开始之前发送traceroute来调查目标区域周围的拓扑。该方案通过发现traceroute的快速增加来检测攻击。但是，当攻击者的跟踪路由比率较低时，它将无法工作。在本文中，我们通过分析到目的地的跳数，提出了基于跟踪路由的目标链路洪泛攻击检测方案。由于攻击者必须选择淹没的链路才能断开目标区域的连接，因此攻击者的跟踪路由的目的地集中在距目标链路几跳之内，而合法用户的路由则是均匀分布的。通过分析每个跃点数的跟踪路由数，可以强调此变化并且可以更轻松地捕获攻击症状。通过计算机仿真，我们首先证明了上述假设，并表明我们的方案与常规方案相比具有更高的鲁棒性。

著录项

来源
《Asia-Pacific Conference on Communications》|2017年|1-6|共6页
会议地点
作者
Kei Sakuma; Hiromu Asahina; Shuichiro Haruta; Iwao Sasase;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
Servers; Computer crime; Network topology; Computer simulation; Robustness; Web and internet services;

机译：服务器;计算机犯罪;网络拓扑;计算机仿真;稳健性; Web和Internet服务;

相似文献

外文文献
中文文献
专利

1. Traceroute-based target link flooding attack detection scheme by analyzing hop count to the destination [J] . Hiromu Asahina, Kei Sakuma, Shuichiro Haruta, IEICE Communications Express . 2019,第7期

机译：通过分析到目的地的跳数，基于Traceroute的目标链路洪泛攻击检测方案
2. Traceroute based Target Link Flooding Attack Detection Scheme by Analyzing Hop Count to the Destination [J] . Kei SAKUMA, Hiromu ASAHINA, Shuichiro HARUTA, 電子情報通信学会技術研究報告. 通信方式. Communication Systems . 2017,第309期

机译：基于Traceroute的目标链路泛洪攻击检测方案通过分析到目的地
3. Target Link Flooding Attack Prevention Scheme by Monitoring Traceroute Packets Flow [J] . Takayuki HIRAYAMA, Kentaroh TOYODA, Iwao SASASE 電子情報通信学会技術研究報告. 通信方式. Communication Systems . 2015,第304期

机译：通过监视Traceroute数据包流来防止目标链路泛洪攻击
4. Traceroute-based target link flooding attack detection scheme by analyzing hop count to the destination [C] . Kei Sakuma, Hiromu Asahina, Shuichiro Haruta, Asia-Pacific Conference on Communications . 2017

机译：基于Traceroute的目标链路泛滥攻击检测方案通过分析到目的地
5. Estimation of origin-destination matrices from link traffic counts and user equilibrium link information. [D] . Cho, Seongkil. 2001

机译：根据链接流量计数和用户均衡链接信息估算起点-目的地矩阵。
6. A Hop-Count Analysis Scheme for Avoiding Wormhole Attacks in MANET [O] . Shang-Ming Jen, Chi-Sung Laih, Wen-Chung Kuo 2009

机译：MANET中避免蠕虫攻击的跳数分析方案
7. Traceroute-based target link flooding attack detection scheme by analyzing hop count to the destination [O] . Hiromu Asahina, Kei Sakuma, Shuichiro Haruta, 2019

机译：基于Traceroute的目标链路泛滥攻击检测方案通过分析到目的地
8. Determination of Network Origin-Destination Matrices Using Partial Link Traffic Counts and Virtual Sensor Information in an Integrated Corridor Management Framework. NEXTRANS Project No.. 056PY03. [R] . Hu, S. R., Liou, H. T., Peeta, S., 2014

机译：在综合走廊管理框架中使用部分链路流量计数和虚拟传感器信息确定网络起始 - 目的地矩阵。 NEXTRaNs项目编号056pY03。

Traceroute-based target link flooding attack detection scheme by analyzing hop count to the destination

摘要

著录项

相似文献

相关主题

期刊订阅