The Analysis Of Denial Of Service And The Research Of Its Defense Solution Schemes

With Internet popularized quickly and its application developing, more and more all kinds of hacker's tools and network attack measures are appearing. Network attacks damaged networks and users, among which DoS(Denial of Service) attacks become one of the common network attack techniques by the characteristics, such as extensive area, strong concealment, simpleness and efficiency, etc. DoS attacks greatly affected the effective service of network and host systems, Especially among which, DDoS(Distributed Denial of Service) attacks are greatly threatening Internet, since they are difficult to recognize and defense due to their concealment and distribution. At first, This papers presents DoS's definition, classification, history and developing trend, and emphasizes on the analysis of typical attack approaches. Secondly, this papers presents the actuality of DoS defense, by means of which this papers analyzes detailedly DoS defense from multi-aspects. Finally, with regard to the traceback problem, we do research on its solution schemes from four aspects: Based on analyzing several traceback algorithms,we focus on the scheme which uses a algebraic approach for encoding traceback information. It reframes the traceback problem as a polynomial reconstruction problem, and uses techniques from algebraic coding theory to provide robust methods of transmission and restriction. The scheme is a new solution to the traceback problem during a DoS attack; The honeypot for DDoS ,which is a tool of traceback, lures the attacker to believe that he successfully compromised a slave for his needs, convincingly simulating the architecture of a potential DDoS attack; The source-based approach to DDoS defense ,which is a useful adjunt to traceback systems, deploys a DDoS defense system at source-end networks. Attacks are detected by monitoring two-way traffic flows, and the attacks originating from source networks are stopped by rate-limiting; The routing mechanism based on pushback treats DDoS attacks as a congestion-control problem. Functionality is added to each router to detect and preferentially drop packets that probably belong to an attack. With pushback, upstream routers are also notified to drop such packets.