| Along with the rapid development of the computer technology and networking, the system counterwork in the net space is becoming more and more prevalent. The attack and defense countermeasure aimed at the core part of the net carried out by the hostiles threatens the security of the net. Network counterwork has becoming one of the main form of information warfare. Distributed Denial of Service(DDoS), easily actualized, hardly kept away or traced,is often used by the hostiles to destroy our normal network. As one of the most difficult issue in network security,researching it from the network counter work's point of view becomes essential. In this paper, based on the analysis of the keystone of the DDoS attack, as well as the theory of network counterwork, researches on DDoS recovery strategy and art in network counterwork are done. The main contributions of this paper are summarized as follows:1. The model frame of DDoS defend system in network counterwork is proposed. The process of network counterwork and recovery action is analyzed, then the recovery process are divided into there phases: attack affirmance, attack countermine and counterattack. The model of attack detection, attack packetfilter and location tracking are founded, and the model frame of DDoS defend system is founded based on them.2. A model of DDoS defend system is built based on the proposed frame. The model of DDoS detection based on wavelet is proposed, which can affirm the attack actions rapidly and exactly. Therefore, it provides the underlying basis for the successor actions. Then the model of attack packetfilter is founded to filter the attack packets in order to eliminate the influence of attack after the attack happen. At last, the traceback model is proposed to track the IP address of the attacker. So we can shield all the packets from the attacker so as to eliminate the attack threaten.3. The interaction model of sub models of the defend system is founded based on the analysis of the interaction relationship among sub models in the counter process. The interaction relationship and interaction content are analyzed, and sub models are tied together so as to attain cooperation and integrity of the whole.4. The validity of the proposed DDoS defend system model is validated using the simulator of the counter process of the DDoS attack-defend system. Finally, the researching work is summarized, and further research topics and directions are prospected. |
PDF Full Text Request