| 基于CBF流抽样的网络安全 |
| |
| 引用本文: | 刘亮亮,桂祚勤,刘渊.基于CBF流抽样的网络安全[J].江南大学学报(自然科学版),2008,7(1):26-29. |
| |
| 作者姓名: | 刘亮亮 桂祚勤 刘渊 |
| |
| 作者单位: | 1. 江南计算技术研究所,江苏,无锡,214083
2. 江南大学,信息工程学院,江苏,无锡,214122 |
| |
| 基金项目: | 国防基础研究基金项目(A1420061266) |
| |
| 摘 要: | 现有网络中常存在DDOS、恶意端口及IP扫描、蠕虫等异常产生大量的只包含1个数据包的流量.针对高速网络流量特点及网络异常导致的流量突然上升,提出了一种改进的基于CBF的流抽样算法.该算法对定长时间内到达的数据包进行固定数量的抽样,使抽样率能适应于流量变化,并可控制资源的消耗,尤其当泛洪攻击、DDOS攻击等导致大规模异常网络流量出现时,能有效保护路由器的处理器和内存资源以及传输流记录所需的带宽资源,同时又不失简单性和准确性.
|
| 关 键 词: | 网络安全 流量测量 流抽样 |
| 文章编号: | 1671-7147(2008)01-0026-04 |
| 修稿时间: | 2007年3月26日 |
Research on Network Security Based on CBF flow Sampling |
| |
| LIU Liang-liang,GUI Zuo-qin,LIU Yuan.Research on Network Security Based on CBF flow Sampling[J].Journal of Southern Yangtze University:Natural Science Edition,2008,7(1):26-29. |
| |
| Authors: | LIU Liang-liang GUI Zuo-qin LIU Yuan |
| |
| Abstract: | Today's traffic mixes often include massive denial of service attacks or aggressive port and IP scans that generate a large number of "flows"consisting of a single small packet.Considering the characteristic of high-speed network and the sudden rise of traffic caused by attacks,a novel flow sampling method based on Counting Bloom Filter is devised.It samples a fixed number of packets in a constant period,adapts sampling rate to traffic variety and provides the controllability of resource consumption.Especially,when flooding attacks,distributed denial of service attacks that cause large-scale anomaly traffic,it can efficiently protect router's processor and memory resources,and network bandwidth consumed by flow records,without sacrificing simplicity and accuracy. |
| |
| Keywords: | network security traffic measurement flow sampling |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
