| 域间路由安全实时监测系统的设计与实现 |
| |
| 引用本文: | 李凯,朱培栋,刘功杰.域间路由安全实时监测系统的设计与实现[J].计算机工程,2006,32(18):166-168. |
| |
| 作者姓名: | 李凯 朱培栋 刘功杰 |
| |
| 作者单位: | 1. 国防科学技术大学计算机学院,长沙,410073
2. 现代通信国家重点实验室,成都,610041 |
| |
| 基金项目: | 国家自然科学基金;国家高技术研究发展计划(863计划);国家重点实验室基金 |
| |
| 摘 要: | 域间路由系统是Internet的基础设施和网络的关键支撑,然而由于其自身的脆弱性而存在许多安全方面的问题。从域间路由监测的角度出发,基于路由异常行为规则库和流量模式设计并实现了一个域间路由安全实时监测系统。系统可以实时检测网络流量异常以及非法路由,并向用户提供告警信息,同时根据BGP更新报文生成并维护BGP路由表,为基于路由表分析的监测方法做好了准备。给出了系统试验,并对系统性能进行了评价。
|
| 关 键 词: | 域间路由系统 BGP 异常监测 实时 规则库 流量模式 |
| 文章编号: | 1000-3428(2006)18-0166-03 |
| 收稿时间: | 12 4 2005 12:00AM |
| 修稿时间: | 2005-12-04 |
Design and Implementation of Real-time Security Monitor System for Inter-domain Route |
| |
| LI Kai,ZHU Peidong,LIU Gongjie.Design and Implementation of Real-time Security Monitor System for Inter-domain Route[J].Computer Engineering,2006,32(18):166-168. |
| |
| Authors: | LI Kai ZHU Peidong LIU Gongjie |
| |
| Affiliation: | School of Computer. National University of Defense Technology, Changsha 410073; National Laboratory for Modern Communiatiors, Chengdu 610041 |
| |
| Abstract: | Inter-domain route system is the critical part of the global communications infrastructure. However, inter-domain route system has severe healthy problems because of its own vulnerability. In view of inter-domain routing monitoring, it designs and implements a real-time security monitoring system based on anomaly behavior and traffic pattern. The system has real-lime ability to detect anomaly of traffic and illegal route. As the same time, a BGP route table is maintained to prepare for further analysis based on UPDATE packet. In the end, some experiments have been done to evaluate system capability. |
| |
| Keywords: | BGP |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程》浏览原始摘要信息 |
|
点击此处可从《计算机工程》下载全文 |
