基于交换机配置行为的网络可信性评估
发布时间:2019-01-28 09:37
【摘要】:随着Internet的发展,网络呈现复杂、异构、多样等特点,使网络的安全问题变得越来越突出,目前,网络的不可信给网络的安全提出了新的挑战。可信网络包括服务提供者、终端用户以及网络本身的可信内涵,随着局域网的广泛应用,网络交换机成为实现网络数据转发的关键设备,由于网络交换机需要管理员的配置才能实现相应的功能,,而不同的功能会使网络提供数据转发的性能、有效性、可靠性等受到影响,所以由于不正确的配置或者恶意修改配置内容都会使网络改变其运行方式,导致网络不能按照预期的方式工作,而使网络变得不可信。本文基于以上的网络不可信问题,提出了一种由交换机组成的网络的可信性评估方法。 基于对网络信息传输的可信问题的研究,本文研究了交换机的功能原理,并研究了网络交换机功能与配置命令间的关系,在此基础上了分析网络交换机的特性及其行为状态,由此确定了网络交换机的配置和网络状态的描述方式,提出了一种由网络交换机组成的网络的可信性评估框架,该框架以网络交换机的配置内容为数据来源,经过数据处理获得反映网络功能的网络状态,并通过网络的可信预期来评估网络状态的可信程度,进一步通过网络状态与配置行为间的转化关系评估配置行为的可信性,从而实现对网络的可信性评估。本文将可信网络的内容扩展到可信网络的设备上,以保证用户对网络设备自身运行的可信性要求。
[Abstract]:With the development of the Internet, the network has the characteristics of complex, heterogeneous, diverse and so on, so that the security problem of the network becomes more and more prominent. At present, the untrustworthy network of the network poses a new challenge to the security of the network. the trusted network comprises a service provider, an end user and a trusted connotation of the network itself, and with the wide application of the local area network, the network switch becomes the key equipment for realizing the network data forwarding, different functions may affect the performance, validity, reliability, etc. of the data forwarding of the network, so that the network can not work in the expected manner due to improper configuration or malicious modification of the configuration content, and the network becomes untrustworthy. In this paper, based on the above-mentioned network non-trust problem, a method for evaluating the reliability of a network composed of switches is proposed. Based on the research of the reliability of network information transmission, this paper studies the function principle of the switch, and studies the relation between the function of the network switch and the configuration order, and then analyzes the characteristics and the behavior of the network switch. state, thus the configuration of the network switch and the description mode of the network state are determined, a credibility evaluation framework of a network composed of a network switch is provided, the framework takes the configuration content of the network switch as a data source, and the network shape reflecting the network function is obtained through the data processing The state of the network is evaluated by the trusted expectation of the network, and the credibility of the configuration behavior is further evaluated by the transformation relation between the network state and the configuration behavior, so that the credibility evaluation of the network is realized. In this paper, the content of the trusted network is extended to the equipment of the trusted network, so as to ensure the user's credibility to the network equipment itself.
【学位授予单位】:北京工业大学
【学位级别】:硕士
【学位授予年份】:2014
【分类号】:TP393.08
本文编号:2416941
[Abstract]:With the development of the Internet, the network has the characteristics of complex, heterogeneous, diverse and so on, so that the security problem of the network becomes more and more prominent. At present, the untrustworthy network of the network poses a new challenge to the security of the network. the trusted network comprises a service provider, an end user and a trusted connotation of the network itself, and with the wide application of the local area network, the network switch becomes the key equipment for realizing the network data forwarding, different functions may affect the performance, validity, reliability, etc. of the data forwarding of the network, so that the network can not work in the expected manner due to improper configuration or malicious modification of the configuration content, and the network becomes untrustworthy. In this paper, based on the above-mentioned network non-trust problem, a method for evaluating the reliability of a network composed of switches is proposed. Based on the research of the reliability of network information transmission, this paper studies the function principle of the switch, and studies the relation between the function of the network switch and the configuration order, and then analyzes the characteristics and the behavior of the network switch. state, thus the configuration of the network switch and the description mode of the network state are determined, a credibility evaluation framework of a network composed of a network switch is provided, the framework takes the configuration content of the network switch as a data source, and the network shape reflecting the network function is obtained through the data processing The state of the network is evaluated by the trusted expectation of the network, and the credibility of the configuration behavior is further evaluated by the transformation relation between the network state and the configuration behavior, so that the credibility evaluation of the network is realized. In this paper, the content of the trusted network is extended to the equipment of the trusted network, so as to ensure the user's credibility to the network equipment itself.
【学位授予单位】:北京工业大学
【学位级别】:硕士
【学位授予年份】:2014
【分类号】:TP393.08
【参考文献】
相关期刊论文 前4条
1 朱友文;黄刘生;陈国良;杨威;;分布式计算环境下的动态可信度评估模型[J];计算机学报;2011年01期
2 蒋泽;李双庆;尹程果;;基于多维决策属性的网络用户行为可信度评估[J];计算机应用研究;2011年06期
3 杨润;文志诚;李岩岩;;一种基于模糊理论的P2P系统动态可信模型[J];计算机应用研究;2012年01期
4 刘胜利;王飞;;可信计算技术研究[J];徐州工程学院学报(自然科学版);2008年03期
本文编号:2416941
本文链接:https://www.wllwen.com/guanlilunwen/ydhl/2416941.html
