| Network IP address tracing technology is the process of network attack or after the process of network attacks, through network security related technologies to get the source of network attacks, analysis of the current network attack packets related information to track the network attack packets real source IP information to construct a complete network topology of the attack path between the attacker and the victim, and to locate the attacker's physical location. Network IP address traceability technology is an active defense technology to solve the problem of network attack.In this paper, we study the IP address traceability of network attack traffic in a network environment where IPv4 and IPv6 networks coexist based on Teredo tunnel. In this paper, the BloomFilte algorithm is adopted to reduce the conflict rate of BloomFilter in the storage process.This paper firstly obtains the network IP packet through the router to the current system through the message acquisition module, and then the packet analysis module extracts the five-tuple information of the network IP packet and analyzes and processes the Teredo network data message ,Bloom Filter technology used to achieve the five-tuple information stored in memory. When the BloomFilter capacity conflict occurs, the BloomFilter memory data will be saved in the local file, the new development of a memory area to store the new Bloom Filter processed data. When a victim is attacked by a network, the victim sends an attack message to the neighboring network attack source to check whether the attack packet flows through the node. If the node passes through the node,it queries the upper node until it finds the network node of the network attacker , The network node sends the attack path information to the victim host. |
PDF Full Text Request