摘要
为有效防止和避免网络的SYN Flood攻击,论文介绍了SYN Flood攻击的基本原理,国内外研究现状,然后详细描述了两种比较有效和方便实施的防御方法:SYN-cookie技术和地址状态监控。SYN-cookie技术实现了无状态的握手,避免了SYN Flood的资源消耗。地址状态监控的解决方法能够对每一个连接服务器的IP地址的状态进行监控,主动采取措施避免SYN Flood攻击的影响。同时提出自己的解决方案,即从报文段数据层面进行统计分析,通过得到的统计结果比较正常情况下的统计数据来做出是否存在SYN Flood攻击的判断。
In order to avoid the SYN Flood attacks from the internet,this paper presents the basic theory of SYN Flood attacks and the current research status home and abroad.The paper describes two effective methods for defending the attack: SYN-cookie and address state monitoring.SYN-cookie technology achieves a stateless handshake,thus avoids the wa ste of resources caused by SYN Flood.Address state monitoring behaves the way that it monitors the state of every IP address trying to get connected and take actions to reduce the bad influence.Then the paper tries to come up w ith a new solution,to judge whether there is a SYN Flood attack by the statistics of data segments and the rate in comparison with ordinary one.
出处
《电脑学习》
2011年第2期106-108,共3页
Computer Study
关键词
网络攻击
拒绝服务
检测
解决方案
Internet Attack
Denial-of-Service
Detection
Solution
