摘要
为提高网络安全性,CoLoR架构提出了一种基于路径标识加密的安全通信机制。为验证CoLoR架构的可行性和正确性,设计并开发了CoLoR架构中的边界路由器,实现了对请求包、数据包和控制包的处理和转发。搭建原型系统,测试了路径标识加密机制对边界路由器吞吐量的影响和对DATA包泛洪攻击的防范效果。结果表明,该机制可以有效防御DDOS数据包泛洪攻击,并且对边界路由器性能的影响非常小。
A secure communication mechanism based on path identification encryption is proposed in CoLoR architecture to enhance the network security.A CoLoR border router is designed and developed to verify the feasibility and correctness of the CoLoR architecture.The border realized the processing and forwarding of request packets,data packets and control packets.A prototype system is built to test various performances of this mechanism on border routers,including handling capacity,flooding attacks defense.The result shows that the secure communication mechanism can effectively prevent DDOS flooding attacks with few impact on the performance of the border routers.
作者
潘刚
罗洪斌
PAN Gang;LUO Hongbin(School of Electronic and Information Engineering,Beijing Jiaotong University,Beijing 100044,China)
出处
《中国科技论文》
CAS
北大核心
2018年第2期149-152,共4页
China Sciencepaper
基金
国家自然科学基金资助项目(61422101)
高等学校博士学科点专项科研基金资助项目(20130009110014)
