Research Of Network Attack Description System And Typical Attack Countermeasures

Rationally classifying network attacks is an available method to deeply comprehend and defense them. Present attack taxonomies don't stand on the primary part of the practical application-victim's viewpoint, but on the attacker's. Therefore the damages could not be depicted and the same attacks could not be validly avoided. This thesis first presents an access level taxonomy and several other taxonomies based on the analyses of previous work, and their taxonomic characteristics used to define a network attack are limited in scope to those features that are observable and measurable at the victim of the attack. Then the taxonomies are integrated into a Victim-based Network Attack Description System under RDF model. Associating with the deeply research of DoS attack and protection technology, completer "Protect-Detect-Response" countermeasures are proposed; furthermore better expansibility, descriptive power and application of the description system are shown. Finally summarizing above achievement, proposes the Automatic Network Attack Decision Making and Response System.