基于Octeon多核网络处理器的IPv6联动IPS研究与设计  被引量:2

Research and Design of Linked IPS Based on Octeon Multi-core Network Processor for IPv6

在线阅读下载全文

作  者:杨吉喆[1] 王玲玲[1] 陆建德[1] 

机构地区:[1]苏州大学计算机学院江苏省计算机信息处理技术重点实验室,江苏苏州215006

出  处:《微电子学与计算机》2011年第12期79-83,88,共6页Microelectronics & Computer

基  金:国家自然科学基金(61070170);江苏省高校自然科学研究计划项目(08KJB520011)

摘  要:对基于Octeon多核网络处理器的新一代IPv6高速网络联动入侵防御系统进行研究,设计了新型联动入侵防御原型.系统基于Octeon多核的高速处理,并结合了IPv6网络中入侵的新特点.在基于入侵检测规则库规则匹配技术的基础上,运用新型的协议分析技术和基于流的检测技术,在Octeon多核间分配控制层与数据层的不同执行,采用命名块机制进行多核间通信,通过数据层核向控制层核的反馈,实现了流处理及协议分析模块与控制模块的高速联动.系统实现了Gbps级的高速入侵检测与联动防御处理.The paper has made research to the Linked Intrusion Prevention System based on Octeon multi-core network processor for new generation high-speed IPv6 network.,and designed a new type of prototype.The system design is based on high-speed processing on Octeon multi-core,and combines new intrusion characteristics occurred in IPv6 network.On the basis of the technique of matching rules in rule library for intrusion detection,and using the new protocol analysis and flow-based detection techniques,the different executions including control plane and data plane are distributed on multiple cores of Octeon.Adopting the mechanism of named blocks to communicate between multiple cores,and by means of the feedbacks from the cores running data plane code to the control plane core,the system has realized the high-speed linking between the flow processing,protocol analysis module and the control module,which is competent for the high-speed intrusion detection and linked prevention at Gbps level.

关 键 词:OCTEON 多核 IPV6 IPS 联动 

分 类 号:TP393[自动化与计算机技术—计算机应用技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象