【摘要】：針對(duì)域間路由系統(tǒng)的低速率拒絕服務(wù)攻擊(low-rate denial of service against BGP,BGP-LDo S)通過引起級(jí)聯(lián)失效造成域間路由系統(tǒng)整體癱瘓,研究了BGP-LDo S攻擊威脅下域間路由系統(tǒng)級(jí)聯(lián)失效的傳播機(jī)理、影響因素是應(yīng)對(duì)和防范該攻擊的基礎(chǔ)。通過分析域間路由系統(tǒng)的結(jié)構(gòu)特性以及BGP-LDo S攻擊過程,提出一種基于傳染病動(dòng)力學(xué)的BGP-LDo S威脅傳播模型BGP-SIS。將系統(tǒng)中每個(gè)節(jié)點(diǎn)的狀態(tài)劃分為易感態(tài)、感染態(tài),利用傳染病動(dòng)力學(xué)模型SIS對(duì)攻擊所造成的級(jí)聯(lián)失效過程進(jìn)行描述,推導(dǎo)攻擊威脅下域間路由系統(tǒng)的最終狀態(tài)。利用仿真實(shí)驗(yàn)對(duì)模型及推論的有效性進(jìn)行驗(yàn)證,實(shí)驗(yàn)結(jié)果表明BGP-SIS能夠有效描述和預(yù)測(cè)BGP-LDo S攻擊下域間路由系統(tǒng)級(jí)聯(lián)失效的傳播規(guī)律,可為域間路由系統(tǒng)檢測(cè)和防御BGP-LDo S攻擊提供借鑒和參考。
[Abstract]:In view of the low rate denial of service attack (low-rate denial of service against BGPN BGP-LDO S) in inter-domain routing system, the mechanism of cascading failure of inter-domain routing system under the threat of BGP-LDo S attack is studied by causing the cascade failure of the inter-domain routing system to paralyze the whole inter-domain routing system. The influencing factors are the basis for coping with and preventing this attack. By analyzing the structural characteristics of inter-domain routing system and the process of BGP-LDo S attack, a BGP-LDo S threat propagation model based on infectious disease dynamics is proposed. The states of each node in the system are divided into susceptible states and infected states. The cascade failure process caused by the attack is described by the infectious disease dynamics model (SIS), and the final state of the inter-domain routing system under attack threat is derived. The validity of the model and corollary is verified by simulation experiments. The experimental results show that BGP-SIS can effectively describe and predict the propagation law of cascade failure of inter-domain routing system under BGP-LDo S attack. It can provide reference and reference for inter-domain routing system to detect and defend against BGP-LDo S attack.
【作者單位】： 信息工程大學(xué);
【基金】：國家自然科學(xué)基金資助項(xiàng)目(61402525,61402526,61472215,61502528) 國家“863”計(jì)劃資助項(xiàng)目(2012AA012902)
【分類號(hào)】：TP393.08

【相似文獻(xiàn)】

相關(guān)期刊論文 前10條

1 劉欣;朱培棟;;互聯(lián)網(wǎng)域間路由安全研究[J];計(jì)算機(jī)工程;2005年24期

2 盧錫城;趙金晶;朱培棟;董攀;;域間路由系統(tǒng)自組織特性[J];軟件學(xué)報(bào);2006年09期

3 李自強(qiáng),周明天;域間路由連通不完全性分析[J];計(jì)算機(jī)工程與應(yīng)用;2005年27期

4 劉迎國,念其鋒,朱培棟;域間路由系統(tǒng)的安全威脅及其對(duì)策[J];微機(jī)發(fā)展;2005年11期

5 王e鴈，

本文編號(hào)：2184944