检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
机构地区:[1]厦门出入境检验检疫局,福建厦门361012 [2]厦门大学软件学院,福建厦门361005 [3]西安交通大学电信学院,陕西西安710049
出 处:《厦门大学学报(自然科学版)》2010年第2期198-204,共7页Journal of Xiamen University:Natural Science
基 金:国家质量监督检验项目(2008IK076);中国博士后科学基金(20090451384)
摘 要:针对大规模网络所面临的安全问题,提出了一种全方位、立体化纵深的分布式主动协同防御模型,并从模型架构、功能实现机制到模型的算法描述等方面,给出了主动协同防御DDOS攻击和网络蠕虫(或恶意代码)的完整实现方法.该模型通过大规模网络自治域域内和域间之间安全部件的协作,从网络边界层、核心层、子网层到主机层对网络安全问题进行多层次主动协同防御.通过设计一整套主动协同防御的功能实现机制,集成了入侵检测、防火墙和蜜网等安全技术,使该模型不但能够有效地解决大规模网络所面临的安全防御问题,而且还具有良好的通用性和扩展性.In order to defend the attacks caused by DDOS and worms (or vicious codes) in large scale network, a general, solid,indepth and distributed active cooperation defense model is presented. A set of achievable methods ranging from systemic architecture, function mechanisms and algorithm descriptions are given. The model, which is demonstrated by the system architecture, function modules and active cooperation defense to stop the attacks, is the integrated and systemic model. It integrates several role security technologies, such as IDS, firework and honeynet, and achieves a complete set of functional mechanisms for active cooperation defense. By the cooperation from the security components within inside and outside the autonomous system (AS),we realize the active cooperation defense which involves the multi-level defense range from network boundary level, kernel level, sub-network level to host level. As a result,the presented model not only can achieve effectively security defense in the large scale network,but also can have the good generality and scalability.
分 类 号:TP393.07[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.145
