检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:苗力仁 扈红超[1] 霍树民 程国振[1] MIAO Li-ren;HU Hong-chao;HUO Shu-min;CHENG Guo-zhen(National Digital Switching System Engineering R&D Center,Zhengzhou,Henan 450002,China)
机构地区:[1]国家数字交换系统工程技术研究中心
出 处:《电子学报》2019年第8期1724-1730,共7页Acta Electronica Sinica
基 金:信息工程大学新兴方向研究项目(No.2016610708);国家自然科学基金(No.61602509)
摘 要:针对IP地址动态化防护技术引入额外开销而导致正常网络传输性能下降的问题,首次设计并实现了一种基于矢量数据包处理(Vector Packet Processing,VPP)加速的IP地址动态防护系统,在隐藏真实IP地址的同时增强了系统数据处理能力.首先,针对控制平面和数据平面处理逻辑不同,分别设计了快转发逻辑和慢转发逻辑,降低数据报文处理过程中的拷贝次数;其次,面向真实IP-虚假IP频繁映射,提出一种共享内存的高效的IP地址动态变换机制;再次,采用最优化和哈希链算法制定了IP跳变策略与虚假IP地址预分配机制,最小化系统性能损耗;最后,实验结果表明,系统能够有效抵御DoS攻击并将潜在的侦查攻击命中率控制在16%以下,在数据处理性能上也有明显的速度提升.IP address dynamic protection techniques will introduce additional overhead.Therefore,the performance of normal network transmission decreases.A dynamic protection system of IP address accelerated by Vector Packet Processing(VPP)is designed and implemented for the first time,which can hide the real IP address and enhance the system's data Processing ability.Firstly,fast forwarding logic and slow forwarding logic are designed respectively for different logic of control plane and data plane processing,so as to minimize the number of copies in data message processing.Secondly,facing the frequent mapping between real IP and virtual IP,an efficient dynamic IP address transformation mechanism of Shared memory is proposed.Thirdly,the optimization algorithm is used to formulate the IP hopping strategy,and the hashing chain algorithm is used to formulate the efficient virtual IP address pre-allocation mechanism.Minimize system performance losses.Finally,the experimental results show that the system can effectively resist DoS attacks and control the potential detection attack hit rate below 16%,which is significantly improved in data processing performance.
分 类 号:TN915.08[电子电信—通信与信息系统]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:3.148.206.183