域间路由系统的级联失效攻击及检测研究
发布时间:2019-05-27 07:55
【摘要】:针对BGP协议自适应机制缺陷,精心设计的攻击可使域间路由系统路由节点级联失效,从而导致整个域间路由系统崩溃.这类攻击的触发流量和响应行为均是合法的,对该类攻击的检测是网络安全领域研究的重难点课题之一.首先,本文分析现有可导致域间路由系统级联失效的攻击方法,提出BGP级联失效攻击的两阶段攻击模型,分析各阶段攻击特征和攻击起效时间.接着,根据不同的攻击阶段,对现有BGP级联失效攻击的检测方法进行分类和阐述,从实时性、准确性和代价等多方面进行了综合评价.最后,对当前研究存在的问题进行总结,并对未来研究发展进行展望.
[Abstract]:Aiming at the defect of adaptive mechanism of BGP protocol, the carefully designed attack can fail the concatenation of routing nodes in inter-domain routing system, which leads to the collapse of the whole inter-domain routing system. The triggered traffic and response behavior of this kind of attack are legal, and the detection of this kind of attack is one of the important and difficult topics in the field of network security. Firstly, this paper analyzes the existing attack methods that can lead to concatenated failure of inter-domain routing systems, proposes a two-stage attack model of BGP cascade failure attack, and analyzes the attack characteristics and attack onset time of each stage. Then, according to different attack stages, the existing detection methods of BGP cascade failure attack are classified and expounded, and the real-time, accuracy and cost are comprehensively evaluated. Finally, the existing problems of the current research are summarized, and the future research development is prospected.
【作者单位】: 解放军信息工程大学;数字工程与先进计算国家重点实验室;国家数字交换系统工程技术研究中心;
【基金】:国家自然科学基金(批准号:61502528,61402525,61402526)资助项目
【分类号】:TP393.08
[Abstract]:Aiming at the defect of adaptive mechanism of BGP protocol, the carefully designed attack can fail the concatenation of routing nodes in inter-domain routing system, which leads to the collapse of the whole inter-domain routing system. The triggered traffic and response behavior of this kind of attack are legal, and the detection of this kind of attack is one of the important and difficult topics in the field of network security. Firstly, this paper analyzes the existing attack methods that can lead to concatenated failure of inter-domain routing systems, proposes a two-stage attack model of BGP cascade failure attack, and analyzes the attack characteristics and attack onset time of each stage. Then, according to different attack stages, the existing detection methods of BGP cascade failure attack are classified and expounded, and the real-time, accuracy and cost are comprehensively evaluated. Finally, the existing problems of the current research are summarized, and the future research development is prospected.
【作者单位】: 解放军信息工程大学;数字工程与先进计算国家重点实验室;国家数字交换系统工程技术研究中心;
【基金】:国家自然科学基金(批准号:61502528,61402525,61402526)资助项目
【分类号】:TP393.08
【相似文献】
相关期刊论文 前10条
1 刘欣;朱培栋;;互联网域间路由安全研究[J];计算机工程;2005年24期
2 卢锡城;赵金晶;朱培栋;董攀;;域间路由系统自组织特性[J];软件学报;2006年09期
3 李自强,周明天;域间路由连通不完全性分析[J];计算机工程与应用;2005年27期
4 刘迎国,念其锋,朱培栋;域间路由系统的安全威胁及其对策[J];微机发展;2005年11期
5 王e鴈,
本文编号:2485991
本文链接:https://www.wllwen.com/guanlilunwen/ydhl/2485991.html
