CN105429940B - A method of the extraction of network data flow zero watermarking is carried out using comentropy and hash function - Google Patents
A method of the extraction of network data flow zero watermarking is carried out using comentropy and hash function Download PDFInfo
- Publication number
- CN105429940B CN105429940B CN201510701787.9A CN201510701787A CN105429940B CN 105429940 B CN105429940 B CN 105429940B CN 201510701787 A CN201510701787 A CN 201510701787A CN 105429940 B CN105429940 B CN 105429940B
- Authority
- CN
- China
- Prior art keywords
- zero watermarking
- extraction
- network
- data flow
- flow
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/146—Tracing the source of attacks
Abstract
The invention discloses a kind of methods for carrying out the extraction of network data flow zero watermarking using comentropy and hash function, the algorithm is in the original flow of transmitting terminal, by temporally carrying out fragment to data flow, the distribution situation of statistical data packet size simultaneously calculates Shannon entropy, carries out the extraction of zero watermarking to it using hash function;In receiving end, zero watermarking extraction is carried out to the flow received again using same method;Confirm transmitting terminal and receiving end with the presence or absence of apparent network communication relationship by the comparison of the zero watermarking extracted to both ends.Using the extraction and detection method of network flow zero watermarking system of the invention, the network communication relationship in anonymous communication system between transmitting terminal and receiving end can be effectively determined, provide theoretical foundation for ddos attack positioning.
Description
Technical field
The present invention relates to communicating pair relationships under Anonymizing networks environment to confirm field, more specifically, being related to a kind of utilization
Comentropy and hash function carry out the method and a kind of extraction and detection system of network flow zero watermarking of watermark extracting to network flow
System.
Background technique
With the rapid development of global IT application, computer network has been the world today's high-new skill the most breathtaking
One of art.Resource-sharing, information exchange and the distributed treatment of network bring great convenience to study, work, scientific research.But layer goes out
Not poor various attacks bring huge potential threat and destruction to computer network and system.
Since 2000, network constantly occurs by attack, according to " FBI computer crime in 2003 and peace
Full investigation " display, DDOS attack is the network crime being number two, and quantity is constantly soaring.
Ddos attack initiates a large amount of useless messages for occupying network bandwidth to target of attack by more puppet's hosts of control,
The system and Internet resources that target of attack is consumed with this, make it externally can not normally provide service.Due to the burst of attack traffic
Property and address randomness, cause this attack to be difficult with traditional based on the detection technique of traffic monitoring from sudden normal stream
It is distinguished in amount.
In numerous ddos attacks, SYN Flood is undoubtedly attack class that is presently most classical and being most widely used
Type, it is utilized the loophole in Transmission Control Protocol realization, can have an impact to all network equipments based on ICP/IP protocol stack.
The concrete operating principle of SYN Flood attack are as follows: a large amount of pseudo- by being sent to the open port of destination server
The attack message for making source address, causes the half-open connection queue in server network protocol stack to take caching, and final delay machine stops
Work, prevent other users are from normally accessing.Various operating systems or even poor firewall, the router of performance etc. all without
Method effectively defends this attack mode.And by various network tools, which can be convenient ground cook source address, this makes
Obtaining pursuit attack person becomes extremely difficult.
The characteristics of for SYN Flood attack, the fundamental way of solution is tracking attack stream, finds out attack path and finds
Attack source, here it is IP retrogressive methods.
IP backtracking is intended to find attacker since by attacker, is a kind of method for focusing on deterrence.IP backtracking substantially may be used
It is divided into two classes.
One kind is to recall the attack of certain flow.Major defect is: (1) modifying to IP agreement;(2) work as attack stream
When measuring sufficiently large, backtracking performance is acceptable, and to small flow and single packet attack, rate of false alarm and rate of failing to report are all quite high.
Another kind of is the attack that can recall any flow, including single packet attack.Basic principle is: being grouped when router forwards
When, also grouping information is recorded;Backtracking is the router recorded by inquiry packets to determine grouping process.This kind of scheme
Critical issue is: since router storage resource is limited, grouped record is easily lost.
For this purpose, we have invented the IP retrogressive methods based on data flow zero watermarking.
Digital watermarking is the certain digital informations of addition into data multimedia (such as image, sound, vision signal) earliest
To reach the functions such as the identification of the file true and false, copyright protection.Watermark was introduced into network security for mark network flow later.
Network flow zero watermarking is a new research direction of current data flow watermark, and thought utilizes original flow
Certain important feature constructions can be with the watermark of unique identification, therefore original data stream is also considered as having contained the watermark and tool
For certain marks.The maximum feature of zero watermarking is exactly not change any data of original flow, ensure that the invisible of watermark
Property, therefore the problems such as there is no data-flow quality decline or watermark amounts limited.
Summary of the invention
Invention the deficiency for aiming to overcome that the prior art, provide it is a kind of using comentropy and hash function progress network
The method and a kind of IP backtracking system based on network flow zero watermarking that data flow zero watermarking extracts.
The technical solution adopted by the present invention to solve the technical problems is: provide it is a kind of using comentropy and hash function into
The method that row network data flow zero watermarking extracts, comprising: in the original flow of transmitting terminal, by temporally dividing data flow
Piece, the distribution situation of statistical data packet size are simultaneously calculated Shannon entropy, are carried out the extraction of zero watermarking to it using hash function;It is connecing
Receiving end carries out zero watermarking extraction to the flow received again using same method;Pass through the zero watermarking that extracts to both ends
Compare to confirm transmitting terminal and receiving end with the presence or absence of apparent network communication relationship;
The step of extraction of the network flow zero watermarking are as follows:
A1, the original data stream t for obtaining transmitting terminal, choose suitable offset o, according to T pairs of regular hour piece size
Data flow carries out fragment, obtains l timeslice;
A2, in each timeslice size, the distribution situation of statistical data packet size;It calculates in each time interval,
The times N that different packet sizes occurij(i△t);
A3, it calculates in each time interval, the probability that different size packet occurs:
Pij(i △ t)=Nij(i△t)/∑sum J=1Nij(i△t)
Wherein, Nij(i △ t) is represented in i-th of time interval, the number that different size of packet occurs;∑sum J=1Nij(i△
T) it represents in same time interval, the total degree that different size of packet occurs, sum represents different size packet in the time interval
With;
A4, the value condition that different size packet in each time interval is represented with stochastic variable X utilize aromatic formula, meter
Calculate the Shannon entropy in each timeslice:
H (X) '=- ∑n J=1p(xj)logp(xj)
p(xj) probability when representing a certain particular value in stochastic variable;
A5, quantification treatment is carried out to comentropy H (X) ':
H (X)=H (X) ' * a
Wherein, a is quantization unit;
One group of A6, input code key Key, carry out Hash with the Shannon entropy H (X) after quantization, obtain required watermark:
Wi=HASH (Keyi,H(Xi))
Wherein, WiIt is the characteristic quantity of the watermark and data flow finally required, KeyiIt is i-th of code key, H (Xi) it is
The entropy of i timeslice, HASH () are hash functions needed for asking watermark.
Preferably, the traffic flow information from transmitting terminal is collected in the border routing of transmitting terminal, zero watermarking is carried out to it
It extracts, and the zero watermarking W and extracting parameter of extraction is dumped into third-party agent.
Preferably, the border routing in receiving end collects the traffic flow information for being sent to receiving end, obtains from third-party agent
Obtain zero water
Print extract needed for various parameters, using zero watermarking extraction the step of extract the received data flow in receiving end taken
The zero of band
Watermark W ', and it is sent to third-party agent;By third-party agent compare transmitting terminal and receiving end zero watermarking whether
It is identical.
A method of IP backtracking is carried out, zero water of network data flow is carried out using comentropy and hash function based on described
The method extracted is printed, is included the following steps:
B1, determining attack stream from border routing first with network flow zero watermarking by attacker;
B2, the upper routing that attack stream flows through is confirmed using the method that zero watermarking extraction and network communication relationship confirms
Position;
B3, step B2 is repeated until attack stream to be locked in a certain specific local network;
B4, when locking a certain router or local area network, determine what attack stream flowed through according to the method that zero watermarking extracts
Attack source is finally locked on certain or a few physical machines by host route, realizes that IP recalls with this.
1) the beneficial effects of the present invention are: by attacker, first with network flow zero watermarking, determine attack stream from
Which router or interchanger find the path that attack stream flows through with this.
2) when locking a certain router or local area network, as springboard, continue it is true to the router being connected with itself
Recognize the source of attack stream, further recalls the path of attack stream.
So circulation is gone down, then attack source can be locked between a certain local area network or a few hosts.
Invention is further described in detail with reference to the accompanying drawings and embodiments;But it is of the invention a kind of to utilize comentropy
The method for carrying out the extraction of network data flow zero watermarking with hash function is not limited to the embodiment.
Detailed description of the invention
Fig. 1 is the block schematic illustration for carrying out zero watermarking extraction to network flow using comentropy and hash function;
Fig. 2 is the flow diagram for carrying out zero watermarking extraction to network flow using comentropy and hash function;
Fig. 3 is the network frame schematic diagram that correspondence confirmation is carried out using zero watermarking;
Fig. 4 is the overall flow schematic diagram that correspondence confirmation is carried out using zero watermarking;
Fig. 5 is that IP backtracking schematic diagram is carried out using zero watermarking.
Specific embodiment
Embodiment 1
Referring to figs. 1 to 5, of the invention a kind of comentropy and hash function to be utilized to carry out network data flow zero watermarking
The method of extraction, comprising: in the original flow of transmitting terminal, by temporally carrying out fragment, statistical data packet size to data flow
Distribution situation and calculate Shannon entropy, the extraction of zero watermarking is carried out to it using hash function;In receiving end, same side is utilized
Method carries out zero watermarking extraction to the flow received again;Confirmed by the comparison of the zero watermarking extracted to both ends transmitting terminal and
Receiving end whether there is apparent network communication relationship.
The step of extraction of the network flow zero watermarking are as follows:
A1, the original data stream t for obtaining transmitting terminal, choose suitable offset o, according to T pairs of regular hour piece size
Data flow carries out fragment, obtains l timeslice;
A2, in each timeslice size, the distribution situation of statistical data packet size;It calculates in each time interval,
The times N that different packet sizes occurij(i△t);
A3, it calculates in each time interval, the probability that different size packet occurs:
Pij(i △ t)=Nij(i△t)/∑sum J=1Nij(i△t)
Wherein, Nij(i △ t) is represented in i-th of time interval, the number that different size of packet occurs;∑sum J=1Nij(i△
T) it represents in same time interval, the total degree that different size of packet occurs, sum represents different size packet in the time interval
With;
A4, the value condition that different size packet in each time interval is represented with stochastic variable X utilize aromatic formula, meter
Calculate the Shannon entropy in each timeslice:
H (X) '=- ∑n J=1p(xj)logp(xj)
p(xj) probability when representing a certain particular value in stochastic variable;
A5, quantification treatment is carried out to comentropy H (X) ':
H (X)=H (X) ' * a
Wherein, a is quantization unit;
One group of A6, input code key Key, carry out Hash with the Shannon entropy H (X) after quantization, obtain required watermark:
Wi=HASH (Keyi,H(Xi))
Wherein, WiIt is the characteristic quantity of the watermark and data flow finally required, KeyiIt is i-th of code key, H (Xi) it is
The entropy of i timeslice, HASH () are hash functions needed for asking watermark.
Preferably, the traffic flow information from transmitting terminal is collected in the border routing of transmitting terminal, zero watermarking is carried out to it
It extracts, and the zero watermarking W and extracting parameter of extraction is dumped into third-party agent.
Preferably, the border routing in receiving end collects the traffic flow information for being sent to receiving end, obtains from third-party agent
Zero watermarking extract needed for various parameters, using zero watermarking extraction the step of extract the received data flow in receiving end entrained by
Zero watermarking W ', and be sent to third-party agent;Whether the zero watermarking for comparing transmitting terminal and receiving end by third-party agent is identical.
A method of IP backtracking is carried out, zero water of network data flow is carried out using comentropy and hash function based on described
Print mentions
The method taken, includes the following steps:
B1, determining attack stream from border routing first with network flow zero watermarking by attacker;
B2, the upper routing that attack stream flows through is confirmed using the method that zero watermarking extraction and network communication relationship confirms
Position;
B3, step B2 is repeated until attack stream to be locked in a certain specific local network;
B4, when locking a certain router or local area network, determine what attack stream flowed through according to the method that zero watermarking extracts
Attack source is finally locked on certain or a few physical machines by host route, realizes that IP recalls with this.
Fig. 1 shows the specific operation process using comentropy and hash function to data flow, and Fig. 2 then gives the operation
Specific flow chart.Zero watermarking extraction progress is carried out furtherly to using comentropy and hash function below with reference to Fig. 1 and Fig. 2
It is bright, mainly including the following steps:
Step 1, by the agency operated on local area network border routing, the data flow letter forwarded through the routing is collected
Breath.
Step 2, to different data flows, according to certain rules needed for selection and withdrawal watermark between offset and time
Every.
Step 3, it is distributed according to data package size, calculates the comentropy in each interval, and quantify to it.
Step 4, it inputs one group of code key and seeks the data flow in conjunction with the comentropy after quantization using given hash function
Characteristic quantity, i.e. watermark W.
Step 5, various parameters needed for watermark W and extraction watermark are dumped in third-party agent.
There is determining correspondence between transmitting terminal and receiving end really to verify, need to also be carried out in receiving end corresponding
Watermark extraction.
Fig. 3 shows the network frame figure that the confirmation of network communication relationship is carried out using zero watermarking, and it is double that Fig. 4 then gives communication
The overall flow figure of Fang Jinhang correspondence confirmation.Totality is carried out to the confirmation of communicating pair relationship below with reference to Fig. 3 and Fig. 4 to say
It is bright, mainly including the following steps:
Step 1, according to Fig. 1 and Fig. 2 the method, transmitting terminal border routing is by watermark entrained by transmitting terminal data flow
W is extracted and has been uploaded to third-party agent.
Step 2, the agency on the border routing of receiving end is operated in, the traffic flow information for being transmitted to receiving end is collected.
Step 3, various parameters information needed for extracting watermark is read from third-party agent.
Step 4, Fig. 1 and watermark extracting method shown in Fig. 2 are deferred to according to known parameter, again to the data flow received
Secondary carry out watermark extracting, if the watermark that receiving end is extracted is W '.
Step 5, the watermark W ' that receiving end is extracted is dumped in third-party agent.
Step 6, in third-party agent, the watermark W and W ' that extract twice are compared according to certain algorithm.If W and
Both W ' are identical, then there are apparent correspondences between provable transmitting terminal and receiving end;Conversely, not can prove that then.
Although SYN Flood attack can be with spoofed IP, all IP forged are all from the same host or same local
Net.It is as shown in Figure 5 to the IP backtracking specific steps of SYN Flood attack:
Step 1, it will be assumed that the attack is led to from external network (internal network retrogressive method is the same, only simpler)
The method of above-mentioned network zero watermarking is crossed it was determined that attack stream is from border router.
Step 2, double using Fig. 1 and zero watermarking extracting method shown in Fig. 3 and communication between each router of internet
Square relationship confirmation method, the position for the upper router that confirmation attack stream flows through.
Step 3, step 2 is repeated, until attack stream to be locked in a certain specific local network.
Step 4, in local area network, step 2 is repeated, is no longer the confirmation of network communication relationship between router at this time, and
It is the confirmation of correspondence between routing and host or host and host.
Step 5, step 4 is repeated, finally attack stream is locked on certain or a few hosts.
Above-described embodiment, which is only used to further illustrate, of the invention a kind of utilizes comentropy and hash function to carry out network number
According to the method that stream zero watermarking extracts, but the invention is not limited to embodiments, according to the technical essence of the invention to above
Any simple modification, equivalent change and modification made by embodiment, fall within the scope of protection of technical solution of the present invention.
Claims (4)
1. a kind of method for carrying out the extraction of network data flow zero watermarking using comentropy and hash function characterized by comprising
In the original flow of transmitting terminal, by temporally carrying out fragment to data flow, the distribution situation of statistical data packet size and calculating
Shannon entropy carries out the extraction of zero watermarking using hash function to it;In receiving end, using same method again to receiving
Flow carries out zero watermarking extraction;Confirm transmitting terminal and receiving end with the presence or absence of bright by the comparison of the zero watermarking extracted to both ends
Aobvious network communication relationship;
The step of extraction of the network data flow zero watermarking are as follows:
A1, the original data stream t for obtaining transmitting terminal, choose suitable offset o, according to regular hour piece size T to data
Stream carries out fragment, obtains l timeslice;
A2, in each timeslice size, the distribution situation of statistical data packet size;It calculates in each time interval, it is different
The times N that packet size occursij(i△t);
A3, it calculates in each time interval, the probability that different size packet occurs:
Pij(i △ t)=Nij(i△t)/∑sum J=1Nij(i△t)
Wherein, Nij(i △ t) is represented in i-th of time interval, the number that different size of packet occurs;∑sum J=1Nij(i △ t) generation
In the same time interval of table, the total degree that different size of packet occurs, sum represents the sum of different size packet in the time interval;
A4, the value condition that different size packet in each time interval is represented with stochastic variable X are calculated each using aromatic formula
Shannon entropy in a timeslice:
H (X) '=- ∑n J=1p(xj)logp(xj)
p(xj) probability when representing a certain particular value in stochastic variable;
A5, quantification treatment is carried out to comentropy H (X) ':
H (X)=H (X) ' * a
Wherein, a is quantization unit;
One group of A6, input code key Key, carry out Hash with the Shannon entropy H (X) after quantization, obtain required watermark:
Wi=HASH (Keyi,H(Xi))
Wherein, WiIt is the characteristic quantity of the watermark and data flow finally required, KeyiIt is i-th of code key, H (Xi) it is i-th
The entropy of timeslice, HASH () are hash functions needed for asking watermark.
2. a kind of side for carrying out the extraction of network data flow zero watermarking using comentropy and hash function according to claim 1
Method, it is characterised in that: collect the traffic flow information from transmitting terminal in the border routing of transmitting terminal, zero watermarking is carried out to it and is mentioned
It takes, and the zero watermarking W and extracting parameter of extraction is dumped into third-party agent.
3. a kind of side for carrying out the extraction of network data flow zero watermarking using comentropy and hash function according to claim 2
Method, it is characterised in that: the border routing in receiving end collects the traffic flow information for being sent to receiving end, obtains from third-party agent
Zero watermarking extract needed for various parameters, using zero watermarking extraction the step of extract the received data flow in receiving end entrained by
Zero watermarking W ', and it is sent to third-party agent;Whether the zero watermarking for comparing transmitting terminal and receiving end by third-party agent is identical.
4. a kind of method for carrying out IP backtracking, based on utilization comentropy described in any one of claims 1 to 3 and Hash letter
The method that number carries out the extraction of network data flow zero watermarking, characterized by the following steps:
B1, determining attack stream from border routing first with network flow zero watermarking by attacker;
B2, upper one position routed flowed through using the method confirmation attack stream that zero watermarking extraction and network communication relationship confirms
It sets;
B3, step B2 is repeated until attack stream to be locked in a certain specific local network;
B4, when locking a certain router or local area network, the host that attack stream flows through is determined according to the method that zero watermarking extracts
Attack source is finally locked on certain or a few physical machines by route, realizes that IP recalls with this.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510701787.9A CN105429940B (en) | 2015-10-26 | 2015-10-26 | A method of the extraction of network data flow zero watermarking is carried out using comentropy and hash function |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510701787.9A CN105429940B (en) | 2015-10-26 | 2015-10-26 | A method of the extraction of network data flow zero watermarking is carried out using comentropy and hash function |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105429940A CN105429940A (en) | 2016-03-23 |
CN105429940B true CN105429940B (en) | 2019-03-12 |
Family
ID=55507882
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510701787.9A Active CN105429940B (en) | 2015-10-26 | 2015-10-26 | A method of the extraction of network data flow zero watermarking is carried out using comentropy and hash function |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105429940B (en) |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106302433B (en) * | 2016-08-11 | 2019-12-31 | 华侨大学 | Network flow watermark detection method and system based on network flow prediction and entropy |
CN106686007B (en) * | 2017-03-03 | 2020-06-02 | 南京理工大学 | Active flow analysis method for discovering intranet controlled rerouting node |
CN109005175B (en) * | 2018-08-07 | 2020-12-25 | 腾讯科技(深圳)有限公司 | Network protection method, device, server and storage medium |
CN111031006A (en) * | 2019-11-22 | 2020-04-17 | 国网浙江省电力有限公司绍兴供电公司 | Intelligent power grid communication anomaly detection method based on network flow |
CN110912895B (en) * | 2019-11-26 | 2022-03-04 | 华侨大学 | Network data flow tracing method based on perceptual hash |
CN114124467B (en) * | 2021-10-29 | 2023-05-05 | 中国电子科技集团公司第三十研究所 | FreeNet anonymous flow detection method and system in open network mode |
-
2015
- 2015-10-26 CN CN201510701787.9A patent/CN105429940B/en active Active
Also Published As
Publication number | Publication date |
---|---|
CN105429940A (en) | 2016-03-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN105429940B (en) | A method of the extraction of network data flow zero watermarking is carried out using comentropy and hash function | |
Gao et al. | Tracing cyber attacks from the practical perspective | |
JP4683383B2 (en) | Method and system for resilient packet reverse detection in wireless mesh and sensor networks | |
Durcekova et al. | Sophisticated denial of service attacks aimed at application layer | |
Sanmorino et al. | DDoS attack detection method and mitigation using pattern of the flow | |
CN109327426A (en) | A kind of firewall attack defense method | |
CN109120602B (en) | IPv6 attack tracing method | |
Devi et al. | Detection of application layer DDoS attacks using information theory based metrics | |
Luo et al. | Robust network covert communications based on TCP and enumerative combinatorics | |
CN109561051A (en) | Content distributing network safety detection method and system | |
Mittal et al. | A review of DDOS attack and its countermeasures in TCP based networks | |
Foroushani et al. | Deterministic and authenticated flow marking for IP traceback | |
Patil et al. | Unmasking of source identity, a step beyond in cyber forensic | |
CN111953527B (en) | Network attack recovery system | |
Aghaei-Foroushani et al. | IP traceback through (authenticated) deterministic flow marking: an empirical evaluation | |
Vijayalakshmi et al. | IP traceback system for network and application layer attacks | |
Chen et al. | Preventing DRDoS attacks in 5G networks: a new source IP address validation approach | |
CN107835168A (en) | A kind of authentication method being multiplied based on client information sequence spreading matrix transposition | |
Rajam et al. | A novel traceback algorithm for DDoS attack with marking scheme for online system | |
Balyk et al. | A survey of modern IP traceback methodologies | |
CN116074051A (en) | Equipment fingerprint generation method and equipment | |
Wang et al. | Exploiting Content Delivery Networks for covert channel communications | |
TWI489820B (en) | An attack source trace back method | |
Pimpalkar et al. | Defense against DDOS attacks using IP address spoofing | |
Park et al. | An effective defense mechanism against DoS/DDoS attacks in flow-based routers |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |