Protecting Alert Providers From Probe Response Attacks

Posted on: 2011-07-19
Degree: Master
Type: Thesis
Country: China
Candidate: H Yao
Full Text: PDF
GTID: 2178360308976487
Subject: Applied Mathematics
Abstract/Summary:
With the development of network technology, Internet sensors are used to monitor networks and detect malicious Internet traffic. Internet sensors alone can no longer meet this need, because large-scale networks are attacked frequently. To counter this kind of threat, data centers have been built to collect and publish alert logs from different networks to help analyze them. The DSHIELD center is one such center: it warns of threats in time and publishes logs while keeping the contributing Internet sensors anonymous, so that the corresponding Internet organizations can take effective measures to eliminate malicious Internet traffic.

Recently, large-scale network attacks such as worms and DDoS have spread rapidly. Internet sensors achieved some success against them, until probe response attacks appeared. A probe response attack is a type of information-gathering attack that lets attackers attack via the Internet. Attackers design malicious code to use uncommon ports in order to locate Internet sensors, which directly enables the attacks. By locating the sensors or bypassing their detection, these attacks do great harm to the network. How to maintain the anonymity of Internet sensors therefore becomes extremely important.

To defend against this type of attack, this paper comprehensively analyzes both collaboration against common enemies and probe response attacks, and reviews the current related approaches to defending against probe response attacks. We then analyze the Internet sensor logs provided by DSHIELD and propose a TOP-K strategy for them. The results show that filtering and analyzing the sensor logs with the TOP-K strategy prevents information gathering by attackers and effectively inhibits probe response attacks.
Keywords/Search Tags:Probe Response Attacks, Sensor, Data center, TOP-K strategy