东北大学学报(自然科学版)

东北大学学报(自然科学版) ›› 2008, Vol. 29 ›› Issue (3): 324-327.DOI: -

• 论著 • 上一篇    下一篇

基于遗传基因过滤算法的带宽耗尽DDoS防范技术

郭睿;常桂然;孙宝京;刘安;   

  1. 东北大学信息科学与工程学院;东北大学信息科学与工程学院;沈阳炮兵学院电子侦察指挥系;沈阳炮兵学院电子侦察指挥系 辽宁 沈阳 110004;辽宁 沈阳 110004;辽宁 沈阳 110162;辽宁 沈阳 110162
  • 收稿日期:2013-06-22 修回日期:2013-06-22 出版日期:2008-03-15 发布日期:2013-06-22
  • 通讯作者: Guo, R.
  • 作者简介:-
  • 基金资助:
    教育部高等学校博士学科点专项科研基金(20030145017).

GA-based filtering algorithm to defend against DDoS attack due to bandwidth depletion

Guo, Rui (1); Chang, Gui-Ran (1); Sun, Bao-Jing (2); Liu, An (2)   

  1. (1) School of Information Science and Engineering, Northeastern University, Shenyang 110004, China; (2) Electronic Scouting and Commanding Department, Shenyang Artillery Academy, Shenyang 110162, China
  • Received:2013-06-22 Revised:2013-06-22 Online:2008-03-15 Published:2013-06-22
  • Contact: Guo, R.
  • About author:-
  • Supported by:
    -

RichHTML

0

PDF (PC)

518

摘要: 采用路由器过滤带宽耗尽DDoS流量,受到攻击的服务器应该与ISP协同工作来抵御带宽耗尽DDoS.使用Netflow统计的方法为路由器路由的流量分配权重.提出的算法主要是利用遗传基因算法在路由器上过滤流量从而得到最大的有效流量.并在真实的网络环境中验证了其可行性和有效性.该算法占用的资源少,也不需要ISP的所有路由器参与.同时服务器升级代价小、容易部署.防止DDoS的同时优化网络流量,有效地消除了由于正常的流量导致的全局突发流现象,较大地提高了服务器效率.

关键词: 分布式拒绝服务攻击, 基因算法, 流量控制, 蠕虫

Abstract: With the DDoS (distributed denial of service) traffic which was implemented using depleted bandwidth is filtered by routers, the attached server owners should work together with ISP (Internet service provider) to defend against such DDoS attack the way the Netflow statistics is mainly used to allocate the weights for traffic routing by routers. A new algorithm is thus proposed to get efficiently maximum traffic by GA with the traffic filtered by routers, and its feasibility and validity have been verified in real network circumstances. The algorithm shows its advantages that it just occupies a small part of resources without any ISP router required to participate in, and the servers can be upgraded at low cast and allocated easily. Moreover, it can optimize the network traffic simultaneously with defending against DDoS attack, thus eliminating efficiently the global burst of traffic arising from normal traffic so as to improve greatly the efficiency of servers.

中图分类号: