检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
机构地区:[1]四川大学网络空间安全研究院,四川成都610065 [2]四川大学计算机学院,四川成都610065
出 处:《华中科技大学学报(自然科学版)》2018年第1期1-5,21,共6页Journal of Huazhong University of Science and Technology(Natural Science Edition)
基 金:国家自然科学基金资助项目(61272447)
摘 要:针对现有的高速网络环境下,网络安全分析框架缺乏协议还原过程,导致准确性差和整体架构不易扩展的问题,提出一个基于Storm的协议还原框架.该框架使用高性能数据包捕获工具抓取数据包,并且基于其上实现分布式的实时网络流量处理模块,完整地还原了网络会话.此外通过使用内存管理和基于树状布隆过滤器的传输控制协议(TCP)还原策略提高其系统运行效率及准确率.最后通过验证得出:该系统可以实现万兆流量的捕获及采集,扩展性良好,易于在大规模集群中部署,而且准确率高.In the existing high-speed network environment,the network security analysis framework lacked the protocol restoring process.It led to the problem of poor accuracy and the overall structure was extremely diffcult to scale this series of issues.An application layer protocol restore framework on storm was presented to address the previously mentioned problems.Besides a high performance packet capture tool was used by the framework to capture data packets.And the distributed real time network traffic processing module was realized.On top of that with using the technology including memory management and the transmission control protocol(TCP) restore strategy based on tree bloom filter,the system has a improvement on its efficiency.It proved that the system can realize the capture and collection of the 10 Gbps.Apart form that the framework pocess haghly scalability and time-saving deployment in large scale clusters,and then it was accurate.
分 类 号:TP302[自动化与计算机技术—计算机系统结构]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:18.219.133.22
