本文選題：云計(jì)算　切入點(diǎn)：DoS攻擊　出處：《中國(guó)民航大學(xué)》2017年碩士論文

【摘要】：拒絕服務(wù)(Denial of Service,DoS)攻擊是云計(jì)算平臺(tái)面臨的主要安全威脅之一。針對(duì)云計(jì)算環(huán)境下路由平臺(tái)容易遭受DoS攻擊的問題,研究了基于安全訪問路徑(Security Access Path,SAP)的云計(jì)算路由平臺(tái)防御DoS攻擊的方法。在研究云計(jì)算環(huán)境中DoS攻擊的基礎(chǔ)上,根據(jù)云計(jì)算平臺(tái)泛聯(lián)路由策略,基于Chord協(xié)議,改進(jìn)傳統(tǒng)安全覆蓋網(wǎng)服務(wù)(Secure Overlay Service,SOS)方法,提出了安全訪問路徑算法(Security Access Path Algorithm,SAPA)。該算法在邏輯上將泛聯(lián)路由平臺(tái)分為安全接入層、中間層和秘密傳輸層,利用各個(gè)節(jié)點(diǎn)維護(hù)的節(jié)點(diǎn)路由表(Node Route Table,NRT),生成安全路徑,并在數(shù)據(jù)中心與泛聯(lián)路由平臺(tái)核心層外圍設(shè)置過濾策略;該算法采用周期性隨機(jī)更新角色節(jié)點(diǎn)以及緩存安全路徑的策略,以保證安全路徑的動(dòng)態(tài)性,提高路由平臺(tái)的安全性以及訪問請(qǐng)求處理效率。本文建立了SAPA數(shù)學(xué)模型,設(shè)計(jì)驗(yàn)證算法的性能指標(biāo)。在OMNeT++仿真實(shí)驗(yàn)平臺(tái)中對(duì)提出方法進(jìn)行了仿真測(cè)試,并在實(shí)際網(wǎng)絡(luò)環(huán)境中搭建Test-bed平臺(tái),驗(yàn)證SAPA性能及其對(duì)DoS攻擊的防御效果;從防御DoS攻擊效果的角度將SAPA與SOS進(jìn)行比較分析,實(shí)驗(yàn)結(jié)果表明:SAPA有較為理想的通信性能,比SOS更有效地降低DoS攻擊對(duì)路由平臺(tái)通信成功率的影響,同時(shí)提高了用戶訪問效率。
[Abstract]:Denial of Service dos) attack is one of the main security threats to cloud computing platform. This paper studies the method of defending DoS attack on cloud computing routing platform based on secure access path (Access path). On the basis of studying DoS attack in cloud computing environment, according to the ubiquitous routing strategy of cloud computing platform, based on Chord protocol, this paper proposes a new approach to protect cloud computing routing platform from DoS attack. By improving the traditional secure Overlay Service SOS method, a secure access path algorithm, Security Access Path algorithm, is proposed, which logically divides the pan-linked routing platform into secure access layer, intermediate layer and secret transport layer. The node routing table (Node Route TableNRTN) maintained by each node is used to generate the secure path, and the filtering strategy is set up around the core layer of the data center and the Pan-Union routing platform, and the algorithm adopts the strategy of periodically updating the role node and caching the security path. In order to ensure the dynamic nature of the secure path and improve the security of the routing platform and the efficiency of access request processing, the SAPA mathematical model is established in this paper. The performance index of the verification algorithm is designed. The proposed method is simulated and tested in the OMNeT simulation experiment platform, and the Test-bed platform is built in the actual network environment to verify the performance of SAPA and its defensive effect on DoS attack. The comparison between SAPA and SOS from the point of view of defending against DoS attack shows that SAPA has better communication performance than SOS, and it can reduce the influence of DoS attack on the communication success rate of routing platform more effectively than SOS. At the same time, it improves the user access efficiency.
【學(xué)位授予單位】：中國(guó)民航大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2017
【分類號(hào)】：TP393.08

【相似文獻(xiàn)】

相關(guān)期刊論文 前10條

1 唐輝,李祖鵬,張國(guó)杰,黃建華;結(jié)構(gòu)化覆蓋網(wǎng)絡(luò)模型Chord研究[J];計(jì)算機(jī)工程與應(yīng)用;2005年01期

2 黃琰;周學(xué)海;李曦;;動(dòng)態(tài)概率探測(cè)解決Chord斷環(huán)問題[J];計(jì)算機(jī)工程與應(yīng)用;2006年36期

3 王菁;楊壽保;郭磊濤;周金洋;;基于延遲敏感的雙向查詢Chord系統(tǒng)[J];小型微型計(jì)算機(jī)系統(tǒng);2007年04期

4 劉云;馬義忠;，

本文編號(hào)：1675600