本文選題：防噪技術(shù) + 局部過載　； 參考：《北京郵電大學》2014年碩士論文

【摘要】：以互聯(lián)網(wǎng)為代表的信息革命極大地改變了人們的生產(chǎn)生活方式,成為推動經(jīng)濟發(fā)展和社會進步的重要因素。但與此同時,互聯(lián)網(wǎng)安全問題日益嚴重,不良信息隱藏在正常信息下暗流涌動,個人信息泄露、網(wǎng)銀失竊等安全事件頻繁發(fā)生。 深度包檢測技術(shù)在阻止有害信息傳播、預防信息泄露等方面發(fā)揮了重要作用,被廣泛地應用于網(wǎng)絡入侵檢測和防護中。然而,隨著網(wǎng)絡帶寬的增長和特征庫的膨脹,現(xiàn)有的深度包檢測系統(tǒng)出現(xiàn)性能瓶頸。研究表明,深度包檢測系統(tǒng)的資源與時間主要耗費在模式匹配上,而廣域網(wǎng)中有大量數(shù)據(jù)包不需要進行模式匹配,對深度包檢測系統(tǒng)來說屬于噪聲,減少噪聲可以提高系統(tǒng)性能和檢測效果。因此,本文主要研究深度包檢測系統(tǒng)的防噪技術(shù)。 本文以基于多核并行處理架構(gòu)的深度包檢測系統(tǒng)為研究對象,研究了深度包檢測系統(tǒng)噪聲流量的分類問題,根據(jù)TCP/IP協(xié)議模型將噪聲流量分為三類：網(wǎng)絡層噪聲、傳輸層噪聲和應用層噪聲,并分析了它們對深度包檢測系統(tǒng)的危害。網(wǎng)絡層噪聲影響系統(tǒng)的流量分發(fā)階段,引發(fā)局部過載問題,傳輸層噪聲對流量還原階段的連接管理有嚴重地破壞作用,造成連接爆炸問題,應用層噪聲對深度包檢測系統(tǒng)的影響較小。根據(jù)危害的大小,本文對網(wǎng)絡層噪聲和傳輸層噪聲的防范技術(shù)進行了深入地研究,針對網(wǎng)絡層噪聲提出了一種基于過濾的自反饋流量分發(fā)策略,針對傳輸層噪聲設計了三級連接表,并提出了一種新的混合連接管理策略。最后對防噪方案進行測試,測試結(jié)果表明：本文所提方法能夠有效地過濾網(wǎng)絡層和傳輸層噪聲流量,增強了系統(tǒng)的健壯性,系統(tǒng)性能也有所提升。
[Abstract]:The information revolution represented by the Internet has greatly changed people's way of production and life and become an important factor to promote economic development and social progress. But at the same time, the Internet security problem is becoming more and more serious, bad information hidden under the normal information flow, personal information leakage, network theft and other security incidents occur frequently. Depth packet detection plays an important role in preventing harmful information from spreading and information leakage. It is widely used in network intrusion detection and protection. However, with the increase of network bandwidth and the expansion of signature library, the existing depth packet detection system has a performance bottleneck. The research shows that the resources and time of the depth packet detection system are mainly consumed in pattern matching, and a large number of data packets in WAN do not need pattern matching, which is noise to the depth packet detection system. Noise reduction can improve system performance and detection effect. Therefore, this paper mainly studies the noise control technology of depth packet detection system. In this paper, the noise flow classification problem of the depth packet detection system based on the multi-core parallel processing architecture is studied. According to the TCP / IP protocol model, the noise flow is divided into three categories: network layer noise. Transmission layer noise and application layer noise are analyzed and their harm to depth packet detection system is analyzed. The network layer noise affects the flow distribution phase of the system, causing the problem of local overload. The transmission layer noise has a serious damage to the connection management in the traffic reduction stage, resulting in the connection explosion problem. Application layer noise has little effect on depth packet detection system. According to the magnitude of the harm, this paper makes a deep research on the prevention technology of network layer noise and transmission layer noise, and puts forward a self-feedback flow distribution strategy based on filtering for network layer noise. A three-level join table is designed for transport layer noise, and a new hybrid join management strategy is proposed. Finally, the noise control scheme is tested. The test results show that the proposed method can effectively filter the network layer and transport layer noise flow, enhance the robustness of the system, and improve the performance of the system.
【學位授予單位】：北京郵電大學
【學位級別】：碩士
【學位授予年份】：2014
【分類號】：TP393.08

【參考文獻】

相關(guān)期刊論文 前7條

1 楊武,方濱興,云曉春,張宏莉;基于骨干網(wǎng)的并行集群入侵檢測系統(tǒng)[J];哈爾濱工業(yè)大學學報;2004年03期

2 陳一驕;盧錫城;孫志剛;;面向流管理的哈希算法研究[J];計算機工程與科學;2008年04期

3 程光,龔儉,丁偉;基于統(tǒng)計分析的高速網(wǎng)絡分布式抽樣測量模型[J];計算機學報;2003年10期

4 賴海光;黃皓;謝俊元;;PABCS:一種用于并行入侵檢測的流量劃分算法[J];計算機學報;2007年04期

5 謝云;柳廳文;喬登科;孫永;劉金剛;;HCAA:一種哈希沖突過度的動態(tài)解決算法[J];計算機應用與軟件;2011年11期

6 胡侃,夏紹瑋;基于大型數(shù)據(jù)倉庫的數(shù)據(jù)采掘:研究綜述[J];軟件學報;1998年01期

7 王志佳;顧健;;一種改進的自動機壓縮算法在深度包檢測中的應用[J];信息網(wǎng)絡安全;2010年10期

，

本文編號：2076088