| With more and more site intruded by hackers, security expert found than only use crypt technology to build a security system is not enough. The Intrusion Detection is a new security technology, apart from tradition security protect technology, such as firewall and data crypt. IDS watch the computer and network traffic for intrusive and suspicious activities, they not only detect the intrusion from the Extranet hacker, but also the intranet users. This thesis analyzed the SYN —Flooding attack principle, introduces the foundation of " shake hands three times" negotiate in the TCP of the network conjunction. Aiming at the SYN —Flooding attack agreement foundation and the characteristics, we analyzes and introduces the good and bad of a few defense SYN —Flooding attack. For expatiating the concept of the credibility, we lead into the data fusion theories. The data fusion is a safe appearance that calculator system receive the calculator information according to the time , and the system estimates the oneself to be placed in. we introduce the certain logical reasons and logical reason with the indetermination, especially introduce the indetermination logical reason. The logic of this system carries to adopt the credibility logical reason, and we get right conclusion. This text put forward a kind of TCP/ IP method named " shake hands once" agreement defense method in foundation that we compares the current defense, namely the server carries to the customer of deliver by the proxy server judges, according to ex-statistics to time of the nerve network all rate value, and computes PE in the credibility from the server to the customer. According to the size of PE in credibility, and the server responds to the customer. Passing this method guaranteed the copular and dependable, lowering a flood of malice half link, because of credibility value, in certain time drive throw away very much to carry to calculate the deal, and resolve the this kind distribute type brush-off service attack, especially the series attack too many to take up with repeat to attack to the resources the problem that cause the system paralyzes." although the handshake method once" is the term in IPV4, after IPV6 agreement application, we have the adaptability equally. This system passes the attack defense imitates the reality checks the enunciation, the method that defend of the SYN —Flooding attack have the obvious result, design imitate true system based on network ,and we proceed the emulation data the verification. The conclusion sees that the accuracy of the examination gets the exaltation, although it has a flood of SYN-Flooding attack, because of reducing the operation, a flood of half conjunction the claim is thrown directly away by the act and the server, the system did not collapse and normal conjunction claim be responded .the request comes to a the design and the basic top can solve the attack of SYN-Flooding.
|
PDF Full Text Request