检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
机构地区:[1]哈尔滨工程大学计算机科学与技术学院,黑龙江哈尔滨150001
出 处:《武汉大学学报(理学版)》2006年第5期604-607,共4页Journal of Wuhan University:Natural Science Edition
基 金:国防预研基金资助项目(413150702)
摘 要:为了克服IP数据报独立选择路由带来的,在拥有多个接入点的分布式网络模式下传统的状态检测技术无法进行有效的安全检测的缺陷,提出了一种应用于网络层的分布式Hash算法,将源和目的地址相同的IP数据报定向到同一个接入点上进行处理,使得在该点上可以完整地重组会话,从而实现分布式状态检测.为增加该算法的鲁棒性,进一步提出了一种应用于传输层的、具有回迁策略的负载平衡算法,选择任务最少的邻居节点协同处理本地过多的负载,转为轻载状态后迁回迁移出去的任务.仿真实验证明该算法具有较好的可行性、稳定性.Traditional stateful inspection technology cannot perform efficient security detection under the distributed network mode that has multi access points because that the IP packet routing is independent. A distributed Hash algorithm applied in network layer is brought forward to overcome the limitations. The algorithm redirects the IP packets that have the same source and destination to a certain access point to treat. Then the sessions could be reassembled fully in that certain access point and the distributed stateful inspection would be implemented. To improve the robustness of above, a load-balancing algorithm that has transferred back strategy is brought forward in transport layer. The neighbor node that has the least tasks will be selected to deal with local excessive loads. The loads, which were moved out, will be transferred back when local node turns to be light state. The simulation experimentation proves that the algorithms have preferable feasibility and stability.
关 键 词:多接入点网络 状态检测 分布式Hash算法 负载平衡
分 类 号:TP393[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.46
