防范DDoS攻击的关键在于攻击源的定位,包标记是攻击源定位技术研究的热点。针对传统概率包标记存在的问题,提出选择IPv4数据报首部的选项字段作为标记区域,采用Huffman编码压缩标记信息,减少路径重构时所需标记包的数量;利用IPv6的隧道模式,在IPv4到IPv6网络时增加一个复制操作,将标记信息转存到IPv6的hop-by-hop字段,增加改进算法的适用范围。实验结果表明,改进算法快速、准确和高效,只需一个数据报即可完成路径重构,适用于IPv4和IPv6网络。%The key to prevent DDoS attacks is locating attack source , and packet marking is the hot spot of attack source locating technology .Aiming at the problems of packet marking , an improved algorithm is proposed . The improved algorithm chooses option field of IPv 4 datagram header as the marking area and uses Huffman code to reduce the number of marked packets during path reconstruction .Packets pass from IPv4 network to IPv6 network, adding a copy operation to copy marking information to IPv 6 extension header of hop -by-hop.Thus, it increases the application scope .The experimental results show that the improved algorithm is rapid , accurate and efficient .It can complete path reconstruction only needing a datagram , which can be applied to IPv 4 and IPv6 network .
展开▼