Intrusion traceback is an important technology in network security aspect,,which is aiming at tracing the real source of attacking, providing precise information for alarm and supplying reliable proof for post-crime testification and improving network system's security. In actual network a common attacking means are always adopted by hackers, which will firstly break into some weaker hosts, then attack the terminal objects making the weaker ones as "springboard". An reliable and universal tracing framework useful in network is required for resolving this attacking means. Jini is a new distributed system model which is put forword buy Sun company in 1999. In this article Jini was applied in the traceback system. It make the traceback system to be expandable, extensible and self-adaptability. All this make the traceback system is compatible with present exist traceback systems and can be easily deployed broadly in the Internet. The basic conception of network security and necessity of traceback are introduced in the first chapter. Present traceback technology is described in the second chapter, which emphatically introduces CITRA. According to CITRA, an intrusion traceback framework based on Jini is put forward, whose expandability, extensibility and self-adaptability are discussed. In the fourth chapter simulation experiment is practised . which get excellent result.
|