| Citation: | Jin Guang, Yang Jian-Gang, Wei Wei, Dong Ya-Bo. Stateless Filtering Based on Enhanced Capabilities[J]. Journal of Electronics & Information Technology, 2008, 30(10): 2490-2493. doi: 10.3724/SP.J.1146.2007.00460
|
|
[1] Douligeris C and Mitrokotsa A. DDoS attacks and defensemechanism: classification and state-of-the-art. ComputerNetworks, 2004, 44(3): 643-666. [2] Bellovin S, Clark D, Perrig A, and Song D. A clean-slatedesign for the next-generation secure Internet. NationalScience Foundation Workshop on Next-Generation SecureInternet, Pittsburgh, PA, 2005. Yang X, Wetherall D, and Anderson T. A DoS limitingarchitecture. Proc. ACM Sigcomm, Philadelphia, PA, 2005:241-252. [3] 田俊峰, 张喆, 赵卫东. 基于误用和异常技术相结合的入侵检测系统的设计与研究[J].电子与信息学报.2006, 28(11):2162-2166浏览 [4] Ferguson P and Senie D. RFC2827, Network ingress filtering:defeating denial of service attacks which employ IP sourceaddress spoofing. Los Angeles, 2000. [5] Gao Z and Ansari N. Tracing cyber attacks from the practicalperspective. IEEE Communications Magazine, 2005, 43(5):123-131. [6] 梁丰, Yau D. 利用路由器自适应限流防御分布拒绝服务攻击(英文). 软件学报, 2002, 13(7): 1220-1227.Liang Feng and Yau D. Using adaptive router throttlesagainst distributed Denial-of-Service attacks. Journal ofSoftware, 2002, 13(7): 1220-1227. [7] Anderson T, Roscoe T, and Wetherall D. Preventing InternetDenial-of-Service with capabilities. Proc. ACM HotNets,Cambridge, MA, 2003. [8] Yaar A, Perrig A, and Song D. SIFF: A stateless Internet flowfilter to mitigate DDoS flooding attacks. Proc. IEEESymposium on Security and Privacy, Oakland, CA, 2004:130-143. [9] Argyraki K and Cheriton D. Network capabilities: the good,the bad and the ugly. Proc. ACM HotNets, College Park, MD,2005.
|
DownLoad: