| The default of IP protocol and operation system results in network security.The most important problem regarding with IP protocal is the forged IP address.IP protocol cannot confirm that the source address is the sender's address.A machine can forge itself as another machine even a router.In the various methods dealing with network attack,IP traceback emphasize on punishment.Once an attacker knows an attack can be tracebacked,he will be discreet.In the developed countries such as America and Japan,IP traceback becomes the hot problem attended by goverments,industries and academe.We study a lot of relevant documents and various IP traceback technology,and find the limitations of the field:1.the identification of attack source bases on the reconstruction of attack path;2.methods base on the idea of sequence,not on concurrence;The two result in low efficiency of IP traceback..We breakthrough the limitations and proposed our new idea:1.giving up the base of entire attak path;2.introducing concurrence to traceback process.Based on the new idea,we proposed a new single-packet IP traceback methos--CIPM((a single-packet concurrent IP traceback method).It has the following new point:1.enquire all routers in the domain at the same time;2.judging whether an attack is in the network or out the network is not based on the reconstruction of attack path;3.do simulation test against Method J,and know the performance of CIPM is more better。First,this thesis introduce some basic information,such as network security,intrusion detection technology.Then,tell the current situation of IP traceback and main technology roads,analyze and discuss the limitation and the development.In the end, we proposed a new IP traceback method CIPM.In the section of theory and simulation test,we compare it with Method J,which published in the IEEE journal "INTERNET COMPUTING" in April 2002.It can trace back a single-packet attack and is the newest research result in the field of IP traceback.The test indicates that the performance of CIPM is obviously better than that of Method J.Above all,the thesis focuses on the current hot problem----IP traceback,and proposed a new IP traceback method.It has some breakthrough on the limitation of the research for IP traceback.The theorial analysis and simulation test prove that the performance of CIPM is obviously better than that of J scheme.In the period of the work on the thesis,my two papers were published publicly.They are "A Survey of IP Traceback" and "A Method of IP Traceback for DOS".Wish our idea,method and technology will be guided by the teachers and authorities. |
PDF Full Text Request