Excerpt from the paper
Commonly used servers on a network often become unreachable because of distributed denial-of-service (DDoS) attacks, and hosts with weak passwords are often compromised. To address this, the system takes the Shanghai Education Metropolitan Area Network (SEMAN) as its object of study: it identifies abnormal attack traffic in real time on the SEMAN border devices, compiles the threatening attack sources into a blacklist, and advertises that blacklist within the metropolitan area network over the Border Gateway Protocol (BGP) to form routing black holes that discard the dangerous attack traffic. In operation, the system has substantially reduced both attack traffic and the number of compromised hosts since it was deployed on SEMAN, effectively protecting the servers inside the network.
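The pipeline the abstract describes (flag abnormal sources at the border, build a blacklist, announce it over BGP as blackhole routes) can be sketched as follows. This is an added example, not code from the paper. The flow-record layout, both thresholds, the allowlist, the discard next-hop, the RFC 7999 BLACKHOLE community and the ExaBGP-style announcement text are all assumptions, since the abstract gives none of these details.

```python
import ipaddress
from collections import defaultdict

# Assumed values (not from the paper): thresholds, allowlist, next-hop, community.
SSH_FAIL_LIMIT = 20      # failed logins per window marks a password-guessing source
PPS_LIMIT = 50_000       # packets/s toward one server marks a flood source
NEVER_BLOCK = [ipaddress.ip_network("10.0.0.0/8")]   # internal space, never blackholed
DISCARD_NEXT_HOP = "192.0.2.1"   # assumed to point at a null route on every router
BLACKHOLE_COMMUNITY = "65535:666"   # RFC 7999 well-known BLACKHOLE community

# Constructed sample: (source IP, destination IP, packets/s, failed SSH logins)
SAMPLE_FLOWS = [
    ("203.0.113.7", "10.1.1.10", 120, 35),
    ("198.51.100.9", "10.1.1.20", 90_000, 0),
    ("198.51.100.44", "10.1.1.20", 300, 1),
    ("10.2.3.4", "10.1.1.20", 80_000, 0),    # internal or spoofed source
    ("not-an-ip", "10.1.1.20", 99_999, 0),   # malformed record
]

def build_blacklist(flows):
    """Return sorted external IPv4 sources that exceed either limit."""
    pps = defaultdict(int)
    fails = defaultdict(int)
    for src, _dst, rate, failed in flows:
        try:
            ip = ipaddress.IPv4Address(src)
        except ValueError:
            continue                     # skip records that do not parse as IPv4
        if any(ip in net for net in NEVER_BLOCK):
            continue                     # a spoofed source must not blackhole our own hosts
        pps[ip] = max(pps[ip], rate)     # peak rate seen from this source
        fails[ip] += failed              # failed logins summed over the window
    return sorted(ip for ip in pps
                  if pps[ip] >= PPS_LIMIT or fails[ip] >= SSH_FAIL_LIMIT)

def blackhole_announcements(blacklist):
    """Render one /32 blackhole announcement per blacklisted source."""
    return [
        f"announce route {ip}/32 next-hop {DISCARD_NEXT_HOP} "
        f"community [{BLACKHOLE_COMMUNITY}]"
        for ip in blacklist
    ]

if __name__ == "__main__":
    for line in blackhole_announcements(build_blacklist(SAMPLE_FLOWS)):
        print(line)
```

A host route to a blacklisted source only discards traffic sent toward that source; dropping packets arriving from it additionally requires loose-mode unicast reverse-path forwarding on the routers that receive the announcement.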