高级搜索

留言板

尊敬的读者、作者、审稿人, 关于本刊的投稿、审稿、编辑和出版的任何问题, 您可以本页添加留言。我们将尽快给您答复。谢谢您的支持!

姓名
邮箱
手机号码
标题
留言内容
验证码

一种面向C/S模式的地址跳变主动网络防御方法

刘江 张红旗 杨英杰 王义功

刘江, 张红旗, 杨英杰, 王义功. 一种面向C/S模式的地址跳变主动网络防御方法[J]. 电子与信息学报, 2017, 39(4): 1007-1011. doi: 10.11999/JEIT160514
引用本文: 刘江, 张红旗, 杨英杰, 王义功. 一种面向C/S模式的地址跳变主动网络防御方法[J]. 电子与信息学报, 2017, 39(4): 1007-1011. doi: 10.11999/JEIT160514
LIU Jiang, ZHANG Hongqi, YANG Yingjie, WANG Yigong. A Proactive Network Defense Method Based on Address Hopping for C/S Model[J]. Journal of Electronics & Information Technology, 2017, 39(4): 1007-1011. doi: 10.11999/JEIT160514
Citation: LIU Jiang, ZHANG Hongqi, YANG Yingjie, WANG Yigong. A Proactive Network Defense Method Based on Address Hopping for C/S Model[J]. Journal of Electronics & Information Technology, 2017, 39(4): 1007-1011. doi: 10.11999/JEIT160514

一种面向C/S模式的地址跳变主动网络防御方法

doi: 10.11999/JEIT160514
基金项目: 

国家863计划项目(2012AA012704),郑州市科技领军人才项目(131PLJRC644)

A Proactive Network Defense Method Based on Address Hopping for C/S Model

Funds: 

The National 863 Program of China (2012AA012704), The Scientific and Technological Leading Talent Project of Zhengzhou (131PLJRC644)

  • 摘要: 现有地址跳变方法需要设计新的地址交互协议,扩展性较差,跳变周期缺乏自适应调整,该文提出一种基于改进DHCP协议的地址跳变方法。利用自回归求和平均模型对网络流量进行建模和预测以计算预分配地址数目,根据地址空置周期选择预分配地址,利用基于动态时间弯曲距离的时间序列相似性度量算法检测网络异常并动态调整地址租用期,客户端和服务器基于地址映射关系进行跳变通信。该方法在无需修改现有DHCP协议的基础上实现了跳变地址和跳变周期的动态调整,增加了攻击者进行流量截获和拒绝服务攻击的难度,提高了攻击者代价。
  • ZHUANG Rui, BARDAS A G, DELOACH S A, et al. A theory of cyber attacks: A step towards analyzing MTD systems[C]. Proceedings of the Second ACM Workshop on Moving Target Defense, Denver, Colorado, 2015: 11-20.
    GREEN M, MACFARLAND D C, SMESTAD D R, et al. Characterizing network-based moving target defenses[C]. Proceedings of the Second ACM Workshop on Moving Target Defense, Denver, Colorado, 2015: 31-35.
    JAFARIAN J H, AL-SHAER E, and QI Duan. An effective address mutation approach for disrupting reconnaissance attacks[J]. IEEE Transactions on Information Forensics and Security, 2015, 10(12): 2562-2577. doi: 10.1109/TIFS.2015. 2467358.
    石乐义, 贾春福, 吕述望. 基于端信息跳变的主动网络防护研究[J]. 通信学报, 2008, 29(2): 106-110.
    SHI Leyi, JIA Chunfu, and LShuwang. Research on end hopping for active network confrontation[J]. Journal on Communications, 2008, 29(2): 106-110.
    ATIGHETCHI M, PAL P, WEBBER F, et al. Adaptive use of network-centric mechanisms in cyber-defense[C]. Sixth IEEE International Symposium on Object-Oriented Real-Time Distributed Computing, Cambridge, MA, 2003: 183-192.
    SIFALAKIS M, SCHMID S, and HUTCHISON D. Network address hopping: A mechanism to enhance data protection for packet communications[C]. 2005 IEEE International Conference on Communications, London, 2005: 1518-1523.
    ANTONATOS S, AKRITIDIS P, MARKATOS E P, et al. Defending against hitlist worms using network address space randomization[J]. Computer Networks, 2007, 51(12): 3471-3490.
    DUNLOP M, GROAT S, URBANSKI W, et al. MT6D: A moving target IPv6 defense[C]. 2011 IEEE Military Communications Conference, Baltimore, MD, 2011: 1321-1326.
    刘慧生, 王振兴, 郭毅. 一种基于多穴跳变的IPv6主动防御模型[J]. 电子与信息学报, 2012, 34(7): 1715-1720. doi: 10.3724/SP.J.1146.2011.01350.
    LIU Huisheng, WANG Zhenxing, and GUO Yi. An IPv6 proactive network defense model based on multi-homing hopping[J]. Journal of Electronics Information Technology, 2012, 34(7): 1715-1720. doi: 10.3724/SP.J.1146.2011.01350.
    姜明, 吴春明, 张旻, 等. 网络流量预测中的时间序列模型比较[J]. 电子学报, 2009, 37(11): 2353-2358.
    JIANG Ming, WU Chunming, ZHANG Min, et al. Research on the comparison of time series models for network traffic prediction[J]. Acta Electronica Sinica, 2009, 37(11): 2353-2358.
    LI Junkui and WANG Yuanzhen. EA DTW: Early abandon to accelerate exact dynamic time warping[C]. 2007 International Conference on Intelligent Systems and Knowledge Engineering, Chengdu, China, 2007: 144-152.
    赵春蕾. 端信息跳变系统自适应策略研究[D]. [博士论文], 南开大学, 2012.
    ZHAO Chunlei. Research on adaptive strategies for end- hopping system[D]. [Ph.D. dissertation], Nankai University, 2012.
  • 加载中
计量
  • 文章访问数:  1111
  • HTML全文浏览量:  154
  • PDF下载量:  381
  • 被引次数: 0
出版历程
  • 收稿日期:  2016-05-19
  • 修回日期:  2016-12-26
  • 刊出日期:  2017-04-19

目录

    /

    返回文章
    返回