检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
机构地区:[1]华中科技大学图像识别与人工智能研究所,湖北武汉430074 [2]中国船舶重工集团公司第七○九研究所,湖北武汉430074
出 处:《华中科技大学学报(自然科学版)》2005年第4期34-37,共4页Journal of Huazhong University of Science and Technology(Natural Science Edition)
基 金:国家自然科学基金重大研究计划资助项目(90104029).
摘 要:提出了一种基于主动防御策略的安全传输模型.在该模型中,以动态覆盖路由器所支撑的安全域为基本单元,定义了智能代理/管理网元及其具有自相似性的多级、分布式管理的体系结构;引入了诱骗报文,使攻击者无法跟踪到发送的真实加密数据报文;根据检测报文的信息,及时地发现攻击并对其进行有效的跟踪定位,并对支撑安全域的覆盖路由器进行动态管理.该模型不仅提高了网络数据传输的安全性,而且增加了网络管理的有效性,分级、分布式的管理模式使得各层管理可根据实际中不同的需求选择适合本层的路由管理策略,增加了管理的灵活性,提高了路由器的转发效率.This paper proposed a security transfer model on the basis of the active defense strategy. In the unit of security domains mainly made up of dynamic overlaying routers, the intelligent agent/management of network element together with the self-similar hierarchical and distributed management structure were defined in the model. Deceptive packets were used so that the attackers could not trance the encrypted data packets. According to the digested information from data packets, this model is capable of detecting attacks and tracing back to the attackers immediately. In the meantime, the overlaying routers in the security domain are dynamically administrated. The model not only improves the security of data transfer on the Web, but also enhances the effectiveness of the network management and switching efficiency of routers as well, and in virtue of the hierarchical and distributed management pattern makes it feasible that every layer can choose specifically routing strategy which fits itself independently according to various demand, this model advances the flexility of management furthermore.
关 键 词:安全传输模型 主动防御 摘要信息 路由控制 诱骗报文 分级管理
分 类 号:TP393[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.7
