Journal of Frontiers of Computer Science and Technology ›› 2008, Vol. 2 ›› Issue (1): 1-19.

• 综述·探索 • Previous Articles     Next Articles

A survey of Low-rate Denial-of-Service attacks

HE Yanxiang1,2, LIU Tao1+, CAO Qiang1, XIONG Qi1, HAN Yi1   

  1. 1. School of Computer, Wuhan University, Wuhan 430079, China
    2. State Key Laboratory of Software Engineering, Wuhan University, Wuhan 430079, China
  • Received:1900-01-01 Revised:1900-01-01 Online:2008-02-20 Published:2008-02-20
  • Contact: HE Yanxiang

低速率拒绝服务攻击研究综述

何炎祥1,2,刘 陶1+,曹 强1,熊 琦1,韩 奕1   

  1. 1. 武汉大学 计算机学院,武汉 430079
    2. 武汉大学 软件工程国家重点实验室,武汉 430079
  • 通讯作者: 何炎祥

Abstract: Low-rate denial-of-service attack is a novel category of attacks that are aimed at exploiting the adaptive behavior exhibited by several network and system protocols. Different from traditional DoS attacks, this kind of attacks can make serious destroy on the victims by using periodically non-suspicious low-rate attack streams. Since they have been brought forward, these new attacks have caused special concern; the problems of detecting and defending towards them have gradually become important research issues in the network security area. In the paper, theoretical analyses, modeling and simulations of various LDoS attacks are presented, the difficulties of defending and current solutions are discussed. At the end of the paper, several problems which need further researches are put forward, in order to provide reference to the future research work on the defending of this kind of attacks.

Key words: network security, Low-rate DoS (LDoS) attacks, TCP congestion control, AQM, attack defense

摘要: 低速率拒绝服务攻击是近年来提出的一类新型攻击,其不同于传统洪泛式DoS攻击,主要是利用端系统或网络中常见的自适应机制所存在的安全漏洞,通过低速率周期性攻击流,以更高的攻击效率对受害者进行破坏且不易被发现。LDoS攻击自提出以来便得到了研究者们的充分重视,其攻击特征分析与检测防范方法逐渐成为网络安全领域的一个重要研究课题。首先对目前已提出的各种LDoS攻击方式进行了分类描述和建模,并在NS2平台上进行了实验验证,接着对LDoS攻击的检测防范难点进行了讨论并对已有的各种检测防范方案进行了小结,最后指出了有待进一步研究的几个问题,以期为今后此类攻击检测防范研究工作提供参考。

关键词: 网络安全, 低速率拒绝服务攻击, TCP拥塞控制, AQM, 攻击防范