The Research of Attack Source Traceback in Distributed Denial-of-Service Attacks Based on VoIP
|Keywords||VoIP DDoS Attack Attack Source Traceback Distribution Tracking Network Security|
VoIP (Voice over IP) is a voice communication technology that based on IP network transmission, the biggest advantage is Internet and the global environment for IP interconnect can be widely used to send the voice, fax, video and data. The maturity of VoIP technology allows many users started to use the IP telephone on the Internet. VoIP can be widely used because of the better voice quality and low prices or even free. At the same time, the network security issues caused by VoIP are increasing, and the harm gradually attracted people’s attention. The security of voice communication has become a critical requirement of VoIP solution. The DDoS attacks that based on open ports will has a direct impact on the foundation of the entire VoIP network. DDoS is a common network attack, It often impact the computer with a large number of connection requests which making the computer can not handle user’s legitimate requests by exhausting all the available operating system resources. Basing on the current network security, this subject hammers at resolving the security problem that VoIP faced to achieve the goal that tracks the source of attacks on VoIP networks with practical and effective means.Firstly, This paper studied the principle of DDoS attacks and the current domestic and foreign methods of source tracking, Pointing out the attack source tracing is still facing the challenges and problems, and Built a VoIP-based DDoS attack source tracking system which Based on the detailed analysis of VoIP users. This system improved the system reliability and availability by improving the data packet analysis and inhibiting the proliferation of alarms, and did a detailed design for key parts including the alarm module which affects system performance and the data packet analysis module. Through researching and improving the algorithm of VoIP tracing attack source of the DDoS, the number of packets that reconstructed the path can be reduced, the efficiency of the path reconstruction can be improved, and fast real-time tracking attack source can be achieved. In order to verify and evaluate the correctness and performance of the program, this paper achieved the relevant algorithms on the network simulator (Network Simulator version 2, NS2), and compared with the other methods. Experimental results shows that:the tracking method this paper studied has the feasibility.