摘要
针对如何在软件定义网络(SDN)体系架构下设计管理灵活、复杂性可控的网络以及如何保障网络安全等问题,提出了一种面向业务、安全增强、软件定义(3S)的网络体系架构。基于3S架构,设计实现了一种针对中国铁路通信信号系统网络的统一安全管控方案,并借助3S特性及神经网络算法,设计实现了一种有效的分布式拒绝服务攻击(DDo S)检测方法。
We proposes a service-oriented, security-enhanced and softwaredefined(3S) network(SDN) architecture which is flexible. And in this architecture, the network complexity can be reduced and security has been enhanced. Based on the3 S architecture, we design a unified security management scheme to guarantee network security. To tackle distrubted denial of service attack(DDo S) attacks, we designed a DDo S detection mechanism comprising attack trigger, attack detection,attack traceback, and attack mitigation.
出处
《中兴通讯技术》
2015年第4期11-14,共4页
ZTE Technology Journal
基金
国家杰出青年基金项目(61325023)
铁路总公司重大项目(2014X008-A)
教育部重大项目(313049)