摘要
本論文提出利用分組為基礎路由器的位址記錄技術,此技術是網路位址追溯技術的一種,可以追溯阻斷服務攻擊的攻擊者。在我們所提出的新技術可以減少路由器記憶體及處理器的需求,可以更有效率的使用路由器的運算資源。現存封包記錄機制是將封包的資訊儲存在路由器中的記憶體中。而我們所提出的封包記錄機制是利用將路由器分組的方法,使多數的路由器無須儲存資訊在本身的記憶體內。換而言之,在我們提出的機制中,上游的路由器透過封包的傳送,可以使下游路由器記錄其上游路由器的資訊。並利用路由器分組的方式,將資訊儲存在每一組的領導路由器中。此外透過編碼機制減少路由器所需要儲存的資訊量。
並列摘要
In this paper we propose the Group Based Router IP Logging scheme which can trace back the attacker of the Denial of Service. One of the advantages of the scheme is to reduce required memory and CPU time in the router for traceback to the true source. The main difference of the novel scheme and existing logging schemes is in the way they store information in the router. In existing logging schemes, information of the packet is stored in memory of the router. However, information of the upstream router is placed in the packet and is stored in the downstream router in our novel scheme. To save memory space, the router in the path is divided into groups and logging information is stored in the group leader. So, this scheme requires only a fraction of the routers to participate in the logging activities. Moreover, this scheme adds an encoding mechanism to reduce the required memory in the router.
參考文獻
延伸閱讀
- Hsu, S. M. (2011). 分群合作式感知網路頻譜感測和通道存取之研究 [master's thesis, National Chiao Tung University]. Airiti Library. https://doi.org/10.6842/NCTU.2011.00286
- 黃致豪(2007)。在隨意型無線網路中建立穩固群播路由協定〔碩士論文,元智大學〕。華藝線上圖書館。https://www.airitilibrary.com/Article/Detail?DocID=U0009-2407200707340500
- 莊智凱(2007)。以自動分群機制輔助網路服務管理之研究〔碩士論文,國立臺北科技大學〕。華藝線上圖書館。https://www.airitilibrary.com/Article/Detail?DocID=U0006-2408200716575200
- Lv, Y., Liu, K., Zhang, D., & Miao, Z. (2018). A Secure Routing Protocol Based on Reputation Mechanism. International Journal of Network Security, 20(5), 862-871. https://doi.org/10.6633/IJNS.201809_20(5).07
- 許晉熒、許丕榮(2001)。An Implementation of a Diff-Serv-aware Software Router on Linux。網際網路技術學刊,2(2),119-128。https://doi.org/10.6138/JIT.2001.2.2.03