基于LDoS攻击数据流量的周期性特征,Sun提出了一种采用动态时间环绕(Dynamic Time Warping, DTW)进行攻击识别的方法[12, 13]。这种方法的识别率较高,而且可以识别周期、脉冲长度变化的LDoS攻击。但由于利用的是现实LDoS攻击数据流与其样本攻击数据流的相似性进行检测,它只是对于LDoS攻击的汇聚数据流检测效果较好,对于DLDoS攻击的每条攻击链路检测效果则不够理想。
[1]A. Kuzmanovic and E. W. Knightly, "Low-rate TCP-targeted denial of service attacks and counter strategies," IEEE/ACM Transactions on Networking, vol. 14, pp. 683-696, Aug 2006.
[2]Yanxiang He, Tao Liu, and Qiang Cao, "A survey of Low-rate Denial-of-Service attacks," JOURNAL OF FRONTIERS OF COMPUTER SCIENCE & TECHNOLOGY, vol. 2, pp. 1-19, 2008.
[3]A. Kuzmanovic and E. W. Knightly, "Low-rate TCP-targeted denial of service attacks - (The shrew vs. the mice and elephants)," in ACM SIGCOMM, Karlsruhe, Germany, 2003, pp. 75-86.
[4]X Luo and RKC Chang, "On a New Class of Pulsing Denial-of-Service Attacks and the Defense," in Network and Distributed System Security Symposium (NDSS), San Diego, CA., 2005, pp. 2-5.
[5]M. Guirguis, A. Bestavros, and I. Matta, "Exploiting the transients of adaptation for RoQ attacks on Internet resources," in IEEE International Conference on Network Protocols (ICNP), Berlin, GERMANY, 2004, pp. 184-195.
[6]M. Guirguis, A. Bestavros, I. Matta, and Y. Zhang, "Reduction of quality (RoQ) attacks on dynamic load balancers: Vulnerability assessment and design tradeoffs," in IEEE INFOCOM, Anchorage, AK, 2007, pp. 857-865.
[7]V. A. Kumar, P. S. Jayalekshmy, G. K. Patra, and R. P. Thangavelu, "On Remote Exploitation of TCP Sender for Low-Rate Flooding Denial-of-Service Attack," IEEE Communications Letters, vol. 13, pp. 46-48, Jan 2009.
[8]G. Macia-Fernandez, J. E. Diaz-Verdejo, and P. Garcia-Teodoro, "Evaluation of a low-rate DoS attack against iterative servers," Computer Networks, vol. 51, pp. 1013-1030, Mar 2007.
[9]G. Macia-Fernandez, J. E. Diaz-Verdejo, and P. Garcia-Teodoro, "Evaluation of a low-rate DoS attack against application servers," Computers & Security, vol. 27, pp. 335-354, Dec 2008.
[10]S. Sarat and A. Terzis, "On the effect of router buffer sizes on low-rate denial of service attacks," in International Conference on Computer Communications and Networks (ICCCN), San Diego, CA, 2005, pp. 281-286.
[11]TJ Ott, TV Lakshman, and LH Wong, "SRED: stabilized RED," in IEEE INFOCOM, 1999.
[12]H. B. Sun, J. C. S. Lui, and D. K. Y. Yau, "Defending against low-rate TCP attacks: Dynamic detection and protection," in IEEE International Conference on Network Protocols (ICNP), Berlin, GERMANY, 2004, pp. 196-205.
[13]H. B. Sun, J. C. S. Lui, and D. K. Y. Yau, "Distributed mechanism in detecting and defending against the low-rate TCP attack," Computer Networks, vol. 50, pp. 2312-2330, 2006.
[14]Y. Chen and K. Hwang, "Collaborative detection and filtering of shrew DDoS attacks using spectral analysis," Journal of Parallel and Distributed Computing, vol. 66, pp. 1137-1151, Sep 2006.
[15]W. Wei, Y. B. Dong, D. M. Lu, G. Jin, and H. L. Lao, "A Novel mechanism to defend against low-rate denial-of-service attacks," in IEEE International Conference on Intelligence and Security Informatics (ISI), San Diego, CA, 2006, pp. 261-271.
[16]Changwang Zhang, Jianping Yin, Zhiping Cai, and Weifeng Chen, "RRED: Robust RED Algorithm to Counter Low-Rate Denial-of-Service Attacks," IEEE Communications Letters, vol. 14, pp. 489-491, May 2010.
[17]张长旺, 殷建平, 蔡志平, 刘新旺, 林加润, and 朱明, "一种抗DDoS攻击的主动队列管理算法," 软件学报, 2011.