Design and implementation of anomaly detecting engine for inter-domain routing system

Abstract: BGP is the de facto standard inter-domain routing protocol of the Internet, but routing anomalies can seriously disrupt normal BGP protocol behavior. Inter-domain routing monitoring uses existing network resources to detect routing behavior. It scales well, is easy to deploy, requires no modification of existing protocols, and its results can be used to improve routing configuration. The anomaly detection engine is an important component of an inter-domain routing monitoring system. The paper uses dynamic generation of detection chains to implement anomaly detection in a single view while improving the extensibility of detection types, and proposes an anomaly detection algorithm based on fast location of related result-sets and a classified index of views, which improves the efficiency of multi-view detection. Experiments show that the detection engine performs strongly in anomaly detection based on network topology and routing state, and detects multiple origin AS (MOAS) conflicting routes well.
Source: Computer Engineering and Applications (《计算机工程与应用》), CSCD, Peking University Core Journal, 2007, No. 9, pp. 131-135 (5 pages)
Funding: National High-Tech Research and Development Plan of China (863) under Grant No.2005AA121570; Foundation of the National Key Laboratory of Modern Communications (No.51436050605KG0102).
Keywords: inter-domain routing; anomaly detecting; single-view; multiple-views; related result-set
