基于状态转换的sip容侵模型研究research on the intrusion tolerance .pdfVIP

第 30 卷第 12 期 通 信 学 报 Vol.30 No.12 2009 年 12 月 Journal on Communications December 2009 基于状态转换的SIP容侵模型研究 张兆心，张冰，方滨兴，胡萍，李斌 （哈尔滨工业大学计算机网络与信息安全技术研究中心，黑龙江 哈尔滨 150001 ） 摘 要：通过对 DoS 攻击的原理、方式和特征及 SIP 网络面对的典型 DoS 攻击的深入研究，结合基于状态转换 的容侵模型、Client Puzzle 思想、SIP 会话、SIP 网络及其代理服务器的特点，提出了基于状态转换的 SIP 容侵模 型，并设计相应的仿真实验环境，对该模型抵御 DoS 攻击的能力进行测试。测试结果表明该模型可以有效地处理 针对计算能力、等待时间和洪水攻击类型的 DoS 攻击，增强了系统承载 DoS 攻击的能力，提高了 SIP 网络的可 用性。 关键词：SIP；DoS ；状态转换；容侵模型 中图分类号：TP393 文献标识码：A 文章编号：1000-436X(2009)12-0001-11 Research on the intrusion tolerance model of SIP based on state transfer ZHANG Zhao-xin, ZHANG Bin, FANG Bin-xing, HU Ping, LI Bin (Research Center of Computer Network and Information Security Technology, Harbin Institute of Technology, Harbin 150001, China) Abstract: Through deeply analyzing on the principle, mode, character of DoS and the DoS attack faced by SIP network, combining with the state transferring of intrusion tolerance, the idea of Client Puzzle, the character of SIP session, SIP network and SIP proxy server, put forward the SIP intrusion tolerence mode based on state transferring, and designed the testbed to test the ability of resisting DoS attack. The experiment result prove that this model can effectively resist the DoS attack including aiming at computing ability, waiting time, and flood, which improve the ability of SIP server on re- sisting DoS attack and the usablity of SIP network. Key words: SIP; DoS; state transfer; intrusion tolerance model neering task force) 为核心制定的会话初始化协议 1 引言