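Research on Attack Detection and Performance Optimization Strategies for Application-Layer Gateways
Published: 2018-03-11 16:43
Topic: application-layer gateway. Focus: cloud computing. Source: University of Science and Technology of China, 2014 doctoral dissertation. Type: degree thesis.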
[Abstract]: The combination of cloud computing and the mobile Internet has brought great business opportunities to application service providers, but it also confronts them with many major challenges. An application-layer gateway is an edge gateway device located between the data center and the external network. It integrates a series of core network technologies to provide application service providers with high-performance, highly secure and scalable application delivery services.
In practice, application-layer gateways still face many challenges. First, given the explosive growth in users and data traffic, the gateway faces the problem of how to reduce user access latency for application service providers. Second, in today's complex network environment, application service providers often suffer various distributed denial-of-service (DDoS) attacks. How an application-layer gateway can effectively detect HTTP-based application-layer DDoS attacks is a problem that urgently needs solving. Meanwhile, a single application-layer gateway cannot carry the load of a huge user population and traffic volume, so how the gateway can perform scalable load balancing over an application server cluster is of important research significance. This thesis studies these attack detection and performance optimization problems of application-layer gateways. Its main research contents and innovations are as follows:
1. A web caching algorithm based on a PLSA prediction model
Current web caching algorithms do not consider users' interests and access behavior patterns in their cache replacement policies, so a web caching algorithm based on a probabilistic latent semantic analysis (PLSA) prediction model is proposed. First, the PLSA prediction model from the text retrieval field is introduced, and a PLSA model describing user access behavior and interests is built by training on web access logs. The model is then used to extend the NGRAM-GDSF caching algorithm by introducing a future access frequency factor that represents user interest, as a prediction of a web object's future frequency. Experimental results show that when the cache is 0.1% of memory, compared with the NGRAM-GDSF caching algorithm, the PN-GRAM caching algorithm improves hit rate and byte hit rate by 3.01% and 1.43% respectively, while the IPN-GRAM algorithm improves them by 5.88% and 3.13%.
2. An application-layer DDoS attack detection algorithm based on user behavior
To address the detection of application-layer DDoS attacks when a flash crowd event occurs, an application-layer DDoS detection algorithm based on user behavior mining is proposed. First, a hidden semi-Markov model (HsMM) is used to model the dynamic process of user access behavior, yielding the model parameters λ = (Q, π, A, B, P) that correspond to normal user access behavior. Then, during detection, the observed data are fitted to the obtained HsMM and the corresponding average information entropy is computed. Attacks are detected by comparing the deviation between the entropy obtained by fitting the observed data to the model and the entropy of normal user access. Clustering is also used to reduce the dimensionality of the training data set. Experiments and simulation verify the feasibility and effectiveness of the algorithm. When the threshold is set to -2.7, DR is about 97% and FNR is about 2%.
3. A scalable load balancing strategy for large-scale web server clusters
For the case where the user population and data volume are too large for a single application-layer gateway to carry the request load, a scalable load balancing strategy for large-scale web server clusters is proposed. The strategy uses existing multipath routing protocols and distributed systems technology, and divides the load balancing function into three layers, each implemented by corresponding servers and routers. Second-level load balancing servers can be added dynamically, which makes the cluster's load balancing highly scalable. Each virtual IP is reachable over multiple paths, and a mean-variance mathematical model is used to obtain the optimal path weight vector and assign a weight to each path. Experimental results show that a multipath system using the proposed strategy achieves relatively stable delay jitter. Compared with a single-path system, the multipath system's packet loss rate grows relatively slowly as system traffic increases: under the same load, the packet loss rate of the single-path system is 76.81%, while that of the multipath system is only 54.38%.
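The detection step described in item 2, as an added example that is not code from the thesis: sessions are scored by their average log-likelihood under a model of normal navigation and flagged when the score falls below a threshold. A first-order Markov chain with Laplace smoothing stands in for the HsMM, whose details the abstract does not give; the page classes, sample sessions and the threshold of -1.5 are constructed for illustration.

```python
import math
from collections import defaultdict

PAGES = ["home", "list", "item", "cart", "other"]   # constructed page classes
NORMAL = [                                           # constructed training sessions
    ["home", "list", "item", "list", "item", "cart"],
    ["home", "list", "item", "cart"],
    ["home", "item", "list", "item"],
    ["home", "list", "list", "item", "cart"],
]
THRESHOLD = -1.5   # constructed for this toy model; not the thesis's -2.7

def norm(page):
    """Map pages never seen in training to the catch-all class."""
    return page if page in PAGES else "other"

def train(sessions, alpha=1.0):
    """Estimate Laplace-smoothed transition log-probabilities from normal traffic."""
    counts = defaultdict(lambda: defaultdict(float))
    for s in sessions:
        s = [norm(p) for p in s]
        for a, b in zip(s, s[1:]):
            counts[a][b] += 1
    model = {}
    for a in PAGES:
        total = sum(counts[a].values()) + alpha * len(PAGES)
        model[a] = {b: math.log((counts[a][b] + alpha) / total) for b in PAGES}
    return model

def avg_loglik(model, session):
    """Average log-likelihood per transition of one session under the model."""
    s = [norm(p) for p in session]
    pairs = list(zip(s, s[1:]))
    if not pairs:          # a single request carries no behavioural evidence
        return 0.0
    return sum(model[a][b] for a, b in pairs) / len(pairs)

def is_attack(model, session, threshold=THRESHOLD):
    """Flag sessions whose behaviour deviates too far from the normal model."""
    return avg_loglik(model, session) < threshold

if __name__ == "__main__":
    m = train(NORMAL)
    for name, sess in [("browsing user", ["home", "list", "item", "cart"]),
                       ("repeated hits on one page", ["item"] * 6),
                       ("unseen URLs", ["home", "search", "search", "search"])]:
        print(f"{name}: {avg_loglik(m, sess):.3f} attack={is_attack(m, sess)}")
```

Because the score is averaged per transition, a high request volume alone does not lower it, which is what lets behavioural scoring separate a flash crowd of ordinary users from automated request patterns.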
[Degree-granting institution]: University of Science and Technology of China
[Degree level]: Doctorate
[Year degree granted]: 2014
[Classification number]: TP393.08
Article ID: 1599016
Article link: http://sikaile.net/guanlilunwen/ydhl/1599016.html