Modulo operation based denial of service attack trace back method

A technology of denial of service attack and modular operation, which is applied in the direction of digital transmission system, electrical components, transmission system, etc., can solve the problems of unable to reconstruct the attack path, loss of marking information, limited marking space, etc., so as to shorten the average time and reduce the Burden, the effect of shortening the convergence time

Inactive Publication Date: 2016-07-20
SHANGHAI JIAO TONG UNIV +1
View PDF2 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The problem with this method is that the marking space is limited, and the marking information may be completely lost and the attack path cannot be reconstructed. How to choose the marking probability is a difficult point
However, DPPM fails to solve the problem of limited label space and has shortcomings such as heavy burden on routers.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Modulo operation based denial of service attack trace back method
  • Modulo operation based denial of service attack trace back method
  • Modulo operation based denial of service attack trace back method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0051] The present invention will be described in detail below with reference to specific embodiments. The following examples will help those skilled in the art to further understand the present invention, but do not limit the present invention in any form. It should be noted that, for those skilled in the art, several changes and improvements can be made without departing from the inventive concept. These all belong to the protection scope of the present invention.

[0052] According to the method for tracing back the source of a denial of service attack based on modulo operation provided by the present invention, the method includes the following steps:

[0053] Step A: The present invention designs a Modulo-arithmetic Packet Marking (MPM) method by using the identification field (ID field) of the IP packet header.

[0054] Step B: Using the node sampling method, the forwarding router writes its node information: routing location and routing address into the label space of...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The present invention provides a modulo operation based denial of service attack trace back method. The method includes a first step of establishing a modulo operation packet marking method by using an identification domain of an IP header, namely an ID domain; a second step of forwarding node information of a router by using a node sampling method, and writing a routing position and a routing address in a marking space of a data packet; a third step of performing modulo operation by using a value of the ID domain in the IP header, so as to realize routing marking, namely determine that which router on an attack path performs marking operation on a certain data packet; and a fourth step of detecting, by a victim end, marking information in the data packet, so as to reconstruct the path. Through introduction of the modulo operation, it is calculated that which router on the attack path needs to perform marking operation on an existing data packet, so that the burden of each router on a forwarding path is reduced, the quantity of the data packets for path reconstruction is greatly reduced, and a start source of denial of service attack is effectively identified.

Description

technical field [0001] The invention relates to the technical field of network attack prevention, and in particular, to a method for returning and tracing a denial of service attack based on modulo operation. Background technique [0002] The denial of service (DoS) attack initiated by hackers by exploiting network protocol flaws is the most common type of network attack, aiming to make the target system unable to provide normal service or resource access. DoS attacks cause business losses of up to tens of millions of dollars every year, and are the second type of network attacks that cause the most damage to Internet property. Moreover, attackers can use a large number of compromised hosts on the network to form botnets and control them to a certain A specific target launches an intensive denial of service attack, that is, a distributed denial of service attack (DistributedDoS, DDoS). DoS attacks seriously threaten the security of the Internet and its infrastructure due to...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/803
CPCH04L63/1433H04L47/125H04L63/1458
Inventor 陈秀真陆越刘红金波陈长松
Owner SHANGHAI JIAO TONG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products