Dynamically extensible and efficient single packet tracing method

A dynamic expansion and high-efficiency technology, applied in the field of IP traceability, can solve the problems of management mode conflict, network topology privacy leakage, hinder the scale expansion of the traceability system, etc., to improve efficiency and accuracy, improve execution speed, and ensure scalability. Effect

Active Publication Date: 2017-03-15
东北大学秦皇岛分校
View PDF5 Cites 38 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] The purpose of the present invention is to provide a dynamically expandable and efficient single-package traceability method, which can effectively solve the problems existing in the prior art, especially the flat system structure, and the traceability management granu

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Dynamically extensible and efficient single packet tracing method
  • Dynamically extensible and efficient single packet tracing method
  • Dynamically extensible and efficient single packet tracing method

Examples

Experimental program
Comparison scheme
Effect test

experiment example

[0109] The present invention can hide the cross-domain single-packet traceability architecture of the inter-domain network topology (that is, the hierarchical system architecture model in which the inter-domain network and the intra-domain network are separated) such as figure 1 As shown in , where the inter-domain network establishes an anti-anonymity alliance based on peer-to-peer relationships, such as figure 1 and figure 2 As shown in , assuming that the network prefix of a traceable Stub domain is AS1_prefix, in order to prevent the anonymous flow of this domain from entering the inter-domain network, the border router of this domain needs to configure two filtering rules: 1) permit AS1_prefix any; 2) deny anyany, namely Allow the outflow of IP packets whose prefixes belong to the Stub domain; 2) deny the outflow of any anonymous packets whose prefixes do not belong to the Stub domain. For these two rules, the router matches the first rule first, and if the match fail...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a dynamically extensible and efficient single packet tracing method. The method comprises the following steps: in an inter-domain network composed of transit domains, constructing an anti-anonymous union by using all tracing Stub domains, wherein the anti-anonymous union configures ACL filtering rules on boundary routers of the tracing Stub domains, so that all anonymous packets entering the inter-domain network are cleared; constructing a tracing network in the tracing Stub domains, and establishing path fingerprint in the tracing network; and after the occurrence of attack, a network service provider directly locates an attack domain via the source address and an inlet router of the anonymous packet by using the anti-anonymous union, and then reduces an attack path through the extracted path fingerprint. By adoption of the dynamically extensible and efficient single packet tracing method disclosed by the invention, the coupling between autonomous domains is weakened so as to achieve the purpose of phased management and flexible control, and the leakage of the network topology privacy is avoided as well, which is beneficial to the expansion of the scale of the tracing system.

Description

technical field [0001] The invention relates to a dynamically expandable and efficient single-packet traceability method, which belongs to the technical field of IP traceability. Background technique [0002] Among many network security issues, "IP anonymity" is undoubtedly one of the most serious security risks restricting the development of the Internet. Among them, the source address forgery technology is a major IP anonymity method. In order to carry out normal communication on the Internet, when the message sender sends a message, it needs to fill in the real IP address assigned to the sender in the source address field, so that the report Only the receiver of the text knows the destination address when sending the reply. For a special purpose, the sender of the message modifies the source address carried in the message to an arbitrary address. This behavior is called forging the source address. A series of notorious network attacks (including SYNFlooding, DNS amplifi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/26
CPCH04L43/10H04L2463/146
Inventor 鲁宁许志勤史闻博李峰
Owner 东北大学秦皇岛分校
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap