路由器级分布式网络拓扑发现技术研究
发布时间:2018-08-28 17:05
【摘要】:分布式网络拓扑发现是进行非授权目标网络路由器级拓扑发现的主要方式之一,在网络拓扑发现研究领域扮演了十分重要的角色。相对于单点式网络拓扑发现,分布式网络拓扑发现能够获取更丰富的路由接口和链接信息,扩大网络拓扑发现范围。另一方面,分布式网络拓扑发现会产生更多的探测冗余,导致拓扑发现效率低下,且易被目标网络安全设备误判为DDo S攻击。因此,在尽可能扩大拓扑发现范围的同时降低探测冗余成为了路由器级分布式网络拓扑发现的重要问题。分布式网络拓扑发现技术主要由探测目的点选取、探测源选取和探测策略组成,本文遵循从方法评价到方法设计的思路,基于路由器级分布式网络拓扑发现的效能因素建立了拓扑发现评价指标,研究了探测目的点、探测源和探测策略对网络拓扑发现效能的影响,给出了分布式网络拓扑发现方案,为路由器级分布式网络拓扑发现实施提供了必要的理论参考。本文主要工作如下:(1)基于路由器级分布式网络拓扑发现的完整性与高效性,建立了六个评价指标,制定了测试与评价方法,为拓扑发现技术评价提供了依据。(2)设计了基于桩网络发现的探测目的点选取法。该方法通过少量预先探测发现目标网络中所有桩网络,采用随机抽样方法进行探测目的点选取。之后,从理论上证明了所选取的探测目的点集合为最小完备探测目的点集合。仿真实验结果表明,用该方法选出的探测目的点在不超过目标网络中地址总数0.65%的情况下,即可将路由接口完整度和路由链接发现完整度分别提高至97%和91%以上,比现有方法平均提高了约16%和20%。(3)提出了最大综合散列度探测源选取法。定义了综合散列度来量化探测源间逻辑距离,仿真实验结果说明了综合散列度越大的探测源组合所发现的拓扑范围越广;对混合遗传模拟退火算法进行了特殊定制,以筛选出综合散列度最大的探测源组合。仿真实验结果表明,相较于其他方法,最大综合散列度探测源选取法可将路由接口和路由链接发现总值平均提高约12%和18%。(4)设计了基于回转探测的渐进式拓扑探测策略。在优化Doubletree算法停止集的基础上,提出了Countree算法,并设计了基于探测源分组的回转探测模式来实施Countree探测。仿真实验结果说明了该策略可以有效解决Doubletree算法的拓扑遗漏问题,相比全探测,将探测冗余率减少了60%以上,同时将路由接口完整度与路由链接发现完整度均提高到90%以上。在探测冗余率平均低于18%的情况下,相比Doubletree算法,该策略将路由接口和路由链接发现完整度均提高了20%以上,探测源间通信次数降低了约50%,探测源间通信总量减少了约80%。(5)提出了DSP网络拓扑发现方案。将路由器级分布式网络拓扑发现划分为三个阶段,即探测目的点集合选取阶段、探测源集合选取阶段以及拓扑探测实施阶段,并分别配置基于桩网络发现的探测目的点选取法、最大综合散列度探测源选取法和基于回转探测的渐进式拓扑探测策略。仿真实验结果表明,本方案与现有方案相比,在网络拓扑发现的完整性与高效性上均有显著提升,具有更高的效能。
[Abstract]:Distributed network topology discovery is one of the main approaches to route-level topology discovery in unauthorized target networks and plays an important role in the field of network topology discovery. On the other hand, distributed network topology discovery can produce more detection redundancy, which leads to inefficient topology discovery and is easily misjudged as a DDo S attack by the target network security device. Problem. Distributed network topology discovery technology mainly consists of detection destination selection, detection source selection and detection strategy. Following the idea from method evaluation to method design, this paper establishes the evaluation index of topology discovery based on the efficiency factor of router-level distributed network topology discovery, and studies the detection destination, detection source and detection. The main work of this paper is as follows: (1) Based on the completeness and efficiency of router-level distributed network topology discovery, six evaluation indexes are established and formulated. Testing and evaluation methods are given, which provide a basis for the evaluation of topology discovery technology. (2) A method of detecting destination selection based on pile network discovery is designed. The simulation results show that the routing interface integrity and routing link discovery integrity can be improved to 97% and 91% respectively under the condition that the total number of addresses in the target network is not more than 0.65%, which is an average increase of 16% compared with the existing methods. And 20%. (3) The method of selecting probes with maximum synthetic hash is proposed. The comprehensive hash is defined to quantify the logical distance between probes. The simulation results show that the larger the comprehensive hash is, the wider the topological range of probes is. The hybrid genetic simulated annealing algorithm is specially customized to select the most comprehensive hash. Simulation results show that compared with other methods, the total value of route interface and route link discovery can be increased by 12% and 18%. (4) A progressive topology detection strategy based on rotation detection is designed. The simulation results show that this strategy can effectively solve the problem of topological omission in Doubletree algorithm. Compared with full detection, the detection redundancy rate is reduced by more than 60%, and the integrity of routing interface and routing link discovery are both reduced. Compared with Doubletree algorithm, this strategy improves the integrity of routing interface and routing link discovery by more than 20%, reduces the number of communication between probing sources by about 50%, and decreases the total amount of communication between probing sources by about 80%. (5) A DSP network topology discovery scheme is proposed. Distributed network topology discovery can be divided into three stages, i.e. detection destination selection stage, detection source selection stage and topology detection implementation stage. Detection destination selection method based on pile network discovery, maximum comprehensive hash detection source selection method and progressive topology detection strategy based on rotation detection are respectively configured. Simulation results show that compared with existing schemes, the proposed scheme can significantly improve the integrity and efficiency of network topology discovery, and has higher efficiency.
【学位授予单位】:解放军信息工程大学
【学位级别】:硕士
【学位授予年份】:2014
【分类号】:TN915.05
本文编号:2210022
[Abstract]:Distributed network topology discovery is one of the main approaches to route-level topology discovery in unauthorized target networks and plays an important role in the field of network topology discovery. On the other hand, distributed network topology discovery can produce more detection redundancy, which leads to inefficient topology discovery and is easily misjudged as a DDo S attack by the target network security device. Problem. Distributed network topology discovery technology mainly consists of detection destination selection, detection source selection and detection strategy. Following the idea from method evaluation to method design, this paper establishes the evaluation index of topology discovery based on the efficiency factor of router-level distributed network topology discovery, and studies the detection destination, detection source and detection. The main work of this paper is as follows: (1) Based on the completeness and efficiency of router-level distributed network topology discovery, six evaluation indexes are established and formulated. Testing and evaluation methods are given, which provide a basis for the evaluation of topology discovery technology. (2) A method of detecting destination selection based on pile network discovery is designed. The simulation results show that the routing interface integrity and routing link discovery integrity can be improved to 97% and 91% respectively under the condition that the total number of addresses in the target network is not more than 0.65%, which is an average increase of 16% compared with the existing methods. And 20%. (3) The method of selecting probes with maximum synthetic hash is proposed. The comprehensive hash is defined to quantify the logical distance between probes. The simulation results show that the larger the comprehensive hash is, the wider the topological range of probes is. The hybrid genetic simulated annealing algorithm is specially customized to select the most comprehensive hash. Simulation results show that compared with other methods, the total value of route interface and route link discovery can be increased by 12% and 18%. (4) A progressive topology detection strategy based on rotation detection is designed. The simulation results show that this strategy can effectively solve the problem of topological omission in Doubletree algorithm. Compared with full detection, the detection redundancy rate is reduced by more than 60%, and the integrity of routing interface and routing link discovery are both reduced. Compared with Doubletree algorithm, this strategy improves the integrity of routing interface and routing link discovery by more than 20%, reduces the number of communication between probing sources by about 50%, and decreases the total amount of communication between probing sources by about 80%. (5) A DSP network topology discovery scheme is proposed. Distributed network topology discovery can be divided into three stages, i.e. detection destination selection stage, detection source selection stage and topology detection implementation stage. Detection destination selection method based on pile network discovery, maximum comprehensive hash detection source selection method and progressive topology detection strategy based on rotation detection are respectively configured. Simulation results show that compared with existing schemes, the proposed scheme can significantly improve the integrity and efficiency of network topology discovery, and has higher efficiency.
【学位授予单位】:解放军信息工程大学
【学位级别】:硕士
【学位授予年份】:2014
【分类号】:TN915.05
【参考文献】
相关期刊论文 前4条
1 乔宏;张大方;曾彬;李明伟;韩健;;基于改进DoubleTree算法的网络拓扑发现方法[J];计算机工程与科学;2010年04期
2 庄锁法;龚俭;;网络拓扑发现综述[J];计算机技术与发展;2007年10期
3 姜誉;何松;;Internet路由器级拓扑测量中目标选择方法研究[J];通信学报;2006年02期
4 张宏莉,方滨兴,胡铭曾,姜誉,詹春艳,张树峰;Internet测量与分析综述[J];软件学报;2003年01期
,本文编号:2210022
本文链接:https://www.wllwen.com/kejilunwen/wltx/2210022.html
