摘要
对基于Octeon多核网络处理器的新一代IPv6高速网络联动入侵防御系统进行研究,设计了新型联动入侵防御原型.系统基于Octeon多核的高速处理,并结合了IPv6网络中入侵的新特点.在基于入侵检测规则库规则匹配技术的基础上,运用新型的协议分析技术和基于流的检测技术,在Octeon多核间分配控制层与数据层的不同执行,采用命名块机制进行多核间通信,通过数据层核向控制层核的反馈,实现了流处理及协议分析模块与控制模块的高速联动.系统实现了Gbps级的高速入侵检测与联动防御处理.
The paper has made research to the Linked Intrusion Prevention System based on Octeon multi-core network processor for new generation high-speed IPv6 network.,and designed a new type of prototype.The system design is based on high-speed processing on Octeon multi-core,and combines new intrusion characteristics occurred in IPv6 network.On the basis of the technique of matching rules in rule library for intrusion detection,and using the new protocol analysis and flow-based detection techniques,the different executions including control plane and data plane are distributed on multiple cores of Octeon.Adopting the mechanism of named blocks to communicate between multiple cores,and by means of the feedbacks from the cores running data plane code to the control plane core,the system has realized the high-speed linking between the flow processing,protocol analysis module and the control module,which is competent for the high-speed intrusion detection and linked prevention at Gbps level.
出处
《微电子学与计算机》
CSCD
北大核心
2011年第12期79-83,88,共6页
Microelectronics & Computer
基金
国家自然科学基金(61070170)
江苏省高校自然科学研究计划项目(08KJB520011)
