A Deployability Evaluation Model and Method Design for Inter-domain Source Address Validation on the Internet
Published: 2018-08-21 19:56
[Abstract]: On today's Internet, IP source address spoofing is widely used in network attacks to hide the source of the attack or to achieve particular attack effects. This severely harms network security, undermines the basis of trust in the network, disrupts network management, and hinders network innovation and development. Inter-domain source address validation (SAV) methods suppress spoofed traffic by enforcing source address authenticity at the autonomous-system level. Over the past decade and more, many inter-domain SAV methods have been proposed, and some have even been implemented in routers, yet their deployment remains inadequate: the deployment rate has not improved for many years, and spoofing attacks continue to intensify. To promote deployment, this thesis studies the deployability of inter-domain SAV methods. Starting from the interests of the deployer, we propose deployability evaluation indicators, build an evaluation model, evaluate existing validation methods, summarize design principles for validation methods, design highly deployable validation methods, and implement and deploy them on the production network. The main contributions are as follows:
1. Deployability evaluation indicators and an evaluation model for inter-domain SAV methods. From the deployer's perspective, deployment benefit, deployment cost, and operational risk are defined as the three deployability indicators, and the soundness of these indicators is justified using economic theory. A quantitative evaluation model for the three indicators is established and its correctness is validated.
2. A deployability evaluation of the existing inter-domain SAV methods. Using the proposed evaluation model and real Internet data, the deployment benefit, deployment cost, and operational risk of the main existing validation methods are evaluated. Combined with a novel classification of validation methods, the deployability characteristics of each class of method are summarized.
3. Design goals, feasible solution space, and design principles for inter-domain SAV methods. Through theoretical analysis, the Pareto-optimal validation method in the multi-objective sense is taken as the design goal. In line with practical requirements, operational risk is fixed at its minimum, which reduces the dimensionality of the solution space; the feasible solution space is identified, and the position and characteristics of the Pareto-optimal solutions are described. Design principles for validation methods are summarized to guide the design of the Pareto-optimal validation methods in the later chapters.
4. MIEF, a low-risk, low-cost mutual-aid end-filtering method. MIEF builds on end-filtering techniques already implemented in routers to achieve low risk and low cost, and raises the deployment benefit through mutual defense among deployers. MIEF's control system, audit system, and data-plane optimization algorithm are designed, and its deployability is evaluated.
5. ICS, a low-risk, high-benefit inter-domain cooperative defense system. ICS uses end-based and end-to-end protection functions to establish an inter-domain cooperative alliance, achieving low risk and high benefit, and reduces cost through on-demand defense. ICS's protection functions, control system, and data-plane protocol are designed, its deployability is evaluated, and the system is implemented and deployed at large scale on the production network.
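The selection step described in contribution 3 (fix operational risk at its minimum, then look for Pareto-optimal methods over the remaining benefit/cost trade-off) can be made concrete with a small dominance computation. The following is an added illustration, not code or data from the thesis: the candidate names and scores are constructed, the three indicators follow the abstract's definitions (benefit to maximize, cost and risk to minimize), and the thesis's own quantitative model is not reproduced here.

```python
"""
Added illustration (not from the thesis): Pareto-optimal selection over the
three deployability indicators the abstract defines: deployment benefit
(higher is better), deployment cost (lower is better) and operational risk
(lower is better). Candidate names and scores are constructed for the demo.
"""
from dataclasses import dataclass
from typing import List


@dataclass(frozen=True)
class Candidate:
    name: str
    benefit: float   # deployment benefit, maximise
    cost: float      # deployment cost, minimise
    risk: float      # operational risk, minimise


def dominates(a: Candidate, b: Candidate) -> bool:
    """True if a is no worse than b on every indicator and strictly better on at least one."""
    no_worse = a.benefit >= b.benefit and a.cost <= b.cost and a.risk <= b.risk
    strictly_better = a.benefit > b.benefit or a.cost < b.cost or a.risk < b.risk
    return no_worse and strictly_better


def pareto_front(cands: List[Candidate]) -> List[Candidate]:
    """All candidates that no other candidate dominates (full three-objective front)."""
    return [c for c in cands if not any(dominates(o, c) for o in cands if o is not c)]


def lowest_risk_front(cands: List[Candidate]) -> List[Candidate]:
    """The reduced search of contribution 3: keep only candidates with the
    minimum operational risk, then take the benefit/cost Pareto front of
    that lower-dimensional feasible space."""
    min_risk = min(c.risk for c in cands)
    feasible = [c for c in cands if c.risk == min_risk]
    return pareto_front(feasible)


# Constructed candidates; the scores are illustrative, not the thesis's measurements.
CANDIDATES = [
    Candidate("edge-filter-only", benefit=0.2, cost=0.1, risk=0.0),
    Candidate("mutual-edge-filter", benefit=0.5, cost=0.2, risk=0.0),
    Candidate("cooperative-alliance", benefit=0.8, cost=0.4, risk=0.0),
    Candidate("path-marking", benefit=0.7, cost=0.6, risk=0.5),
    Candidate("signed-packets", benefit=0.9, cost=0.9, risk=0.7),
    Candidate("legacy-scheme", benefit=0.4, cost=0.5, risk=0.3),
]

if __name__ == "__main__":
    # "path-marking" and "legacy-scheme" are dominated and drop out of the full
    # front; fixing risk at its minimum then also removes "signed-packets".
    for c in lowest_risk_front(CANDIDATES):
        print(f"{c.name}: benefit={c.benefit} cost={c.cost} risk={c.risk}")
```

With the constructed scores, the full three-objective front keeps four candidates, while fixing risk at its minimum leaves three; the remaining choice is the benefit/cost trade-off that contributions 4 and 5 address from the low-cost and high-benefit ends respectively.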
Degree-granting institution: Tsinghua University
Degree: Doctorate
Year awarded: 2014
Classification number: TP393.08
Article ID: 2196198
Article link: https://www.wllwen.com/guanlilunwen/ydhl/2196198.html