Abstract
With the help of client server technology, distributed denial of service attack combines multiple computers as attack platform to launch DoS attack on one or more targets, thus doubling the power of denial of service attack. In this paper, the advantages of traditional IP packet filtering technology are analyzed, and a DDoS attack defense strategy based on dynamic IP packet filtering technology is studied. PKI consists of the following five parts: key backup and recovery system, certificate library, CA system. The paper presents construction of compound DDOS network security system based on PKI and CA Authentication.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Chen, Li-Chiou, Thomas A. Longstaff, Kathieen M. Carley. 2014. Charterization of defense mechanisms against distributed denial of service attacks. Computer & Security (23): 663–678 (in Chinese).
Okamoto, Eiji. 1998. Key distribution system based on identification information 194–202. Springer-Verlag.
Bos, J.N.E. and D.Chaum. 2013. Provably unforgeable signatures. Lecture Notes in Computer Science 740: 1–14.
Smart, N.P. 2012. An identity based authenticated key agreement protocol based on the weil pairing. Electronics Letters 38 (13): 630–632.
Zhengyi, Chai, and Bai Hao. 2008. An intrusion tolerant protection mechanism for ca private keys. Computer applications 28 (4): 900–911.
Huang, J. Z., and L. Yang. 2014. Identification of non-linear additive autoregressive models. Royal Statistical Society 463–477.
Schnorr, C.P. 2011. Efficient signature generation by smart cards. Journal of Cryptology 4: 161–174.
Qiuxin, Wu. Yang Yixian, Hu Zhengming. 2012. An Authentication and key Distribution Scheme based on user identifiers, Communication Privacy (2): 6–9 (in Chinese).
Ming, Lu, Hu Hengyi, and Xia Chun. 2015. A DDOS active Defense algorithm DSDA based on Network Symmetry, Computer. Engineering and Design 26 (3): 639–643.
Jhonson, D., A. Menezes, and S. Vanstone. 2011. The elliptic curve digital signature algorithm. International Journal on Information Secure 1: 36–63.
Acknowledgements
This paper is supported by the Project of Qingyuan Network Security and Maintenance Skilled Master Studio.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Wang, B., Zhang, X. (2020). Construction of Compound DDOS Network Security System Based on PKI and CA Authentication. In: Huang, C., Chan, YW., Yen, N. (eds) Data Processing Techniques and Applications for Cyber-Physical Systems (DPTA 2019). Advances in Intelligent Systems and Computing, vol 1088. Springer, Singapore. https://doi.org/10.1007/978-981-15-1468-5_47
Download citation
DOI: https://doi.org/10.1007/978-981-15-1468-5_47
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-1467-8
Online ISBN: 978-981-15-1468-5
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)