Journal of Computer Applications ›› 2016, Vol. 36 ›› Issue (11): 3093-3097. DOI: 10.11772/j.issn.1001-9081.2016.11.3093

• Cyberspace Security •

Advanced marking scheme algorithm based on multidimensional pseudo-random sequences

TANG Yan1, LYU Guonian2, ZHANG Hong1

  1. College of Information Engineering, Nanjing Normal University Taizhou College, Taizhou Jiangsu 225300, China;
  2. School of Geography Science, Nanjing Normal University, Nanjing Jiangsu 210046, China
  • Received: 2016-04-13 Revised: 2016-07-05 Online: 2016-11-10 Published: 2016-11-12
  • Corresponding author: TANG Yan
  • About the authors: TANG Yan (born 1983), female, from Yangzhou, Jiangsu, lecturer, Ph.D., main research interests: coding theory, cybercrime localization; LYU Guonian (born 1961), male, from Hai'an, Jiangsu, professor, Ph.D., main research interests: video geographic information systems, police geographic information systems; ZHANG Hong (born 1982), female, from Taizhou, Jiangsu, lecturer, M.S., main research interest: next-generation communication networks.
  • Supported by:
    This work is partially supported by Key Projects in the National Science & Technology Pillar Program during the Twelfth Five-year Plan Period (2012BAH35B02), the Science-Technology Support Plan Program of Taizhou (TS201517).

Abstract: The current Advanced Marking Scheme (AMS) algorithm is a relatively efficient algorithm for tracing the IP addresses of Distributed Denial of Service (DDoS) attackers. However, because it uses hash functions to compress edge addresses, the AMS algorithm has many defects, such as high complexity, poor confidentiality and a high ratio of false positives. In order to improve the efficiency of AMS, an AMS algorithm based on multidimensional pseudo-random sequences was designed. On the one hand, in the router, an edge sampling matrix implemented entirely in hardware replaces the original hash functions to perform the compression coding of IP addresses. On the other hand, at the victim's side, the compressed code of the edge address is combined with the edge weight calculation to output the DDoS attack path graph. In the simulation experiments, the performance of the AMS algorithm based on multidimensional pseudo-random sequences is basically the same as that of the original algorithm, but it can effectively reduce misjudgment and quickly judge forged paths. The experimental results show that the proposed algorithm has high security, fast computation and strong anti-attack ability.

Key words: multidimensional pseudo-random sequence, edge sampling matrix, Advanced Marking Scheme (AMS), compression coding, attack path graph
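The abstract attributes the false positives of AMS to hash-based compression of edge addresses. The sketch below is an added example, not code from the paper: it simulates the original hash-based AMS marking and victim-side reconstruction as commonly described (an 11-bit edge hash and 5-bit distance, two hash functions h and h'), not the paper's edge sampling matrix, and shows an innocent router entering the reconstructed graph because its 11-bit hash collides with a router on the path. The truncated SHA-256 hashes, the addresses, the topology and all function names are assumptions.

```python
import hashlib, random
EDGE_BITS = 11  # original AMS: 11-bit edge hash + 5-bit distance share the 16-bit IP ID field

def _hash(tag, ip):
    digest = hashlib.sha256(tag + ip.encode()).digest()   # stand-in hash (assumption)
    return int.from_bytes(digest[:2], "big") % (1 << EDGE_BITS)

def h(ip):  return _hash(b"h:", ip)    # written by the marking router
def h2(ip): return _hash(b"h':", ip)   # XORed in by the next router downstream

def mark_packet(path, q, rng):
    """Carry one packet along path (attacker side first); return (edge, dist) or None."""
    edge = dist = None
    for router in path:
        if rng.random() < q:           # start a new mark with probability q
            edge, dist = h(router), 0
        elif dist is not None:
            if dist == 0:              # complete the edge: h(upstream) XOR h'(self)
                edge ^= h2(router)
            dist += 1
    return None if dist is None else (edge, dist)

def reconstruct(marks, upstream, victim):
    """Victim side: walk the upstream router map, keeping routers whose hash matches a mark."""
    level = {r for r in upstream.get(victim, ()) if (h(r), 0) in marks}
    found, d = set(level), 1
    while level:
        level = {ru for ry in level for ru in upstream.get(ry, ())
                 if (h(ru) ^ h2(ry), d) in marks}
        found |= level
        d += 1
    return found

def colliding_ip(target):
    """Constructed decoy: first 10.9.x.y address whose 11-bit h() equals h(target)."""
    return next(f"10.9.{a}.{b}" for a in range(256) for b in range(256)
                if h(f"10.9.{a}.{b}") == h(target))

def demo(packets=3000, q=0.04, seed=1):
    path = ["192.0.2.1", "192.0.2.2", "192.0.2.3", "192.0.2.4"]  # constructed attack path
    decoy = colliding_ip(path[1])      # innocent router that is also upstream of path[2]
    upstream = {"victim": [path[3]], path[3]: [path[2]], path[2]: [path[1], decoy], path[1]: [path[0]]}
    rng = random.Random(seed)
    marks = {m for m in (mark_packet(path, q, rng) for _ in range(packets)) if m}
    found = reconstruct(marks, upstream, "victim")
    return set(path), decoy, found

if __name__ == "__main__":
    print("reconstructed:", sorted(demo()[2]))
```

The decoy never forwards a packet, yet the victim cannot tell it from the real router at that hop because both compress to the same 11-bit value.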

CLC number: